Software Exploitation Engineer

STACKPIERCER LABS, LLC
Linthicum Heights, United States of America
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Linthicum Heights, United States of America

Tech stack

Microsoft Windows
Agile Methodologies
Unix
C++
Static Program Analysis
Computer Security
Linux
Dynamic Program Analysis
Fuzz Testing
Python
Kernel Debuggers
Scrum
Reverse Engineering
Software Engineering
WinDBg
Vulnerability Analysis

Requirements

Do you have experience in Software engineering?, Stackpiercer Labs is seeking a skilled and motivated exploit researcher and developer with an active TS/SCI clearance and full-scope polygraph (preferred) or CI poly with sufficient experience (min 5+ years of combined VR or exploit dev). This role invites career-oriented researchers and exploit developers to team with industry experts tackling the industry's hardest problems. This position presents the opportunity to engineer tangible contributions to mission-critical tasks, discover new vulnerabilities in widely used software, and guide the development process of turning those vulnerabilities into working exploits., Expert proficiency in C/C++ and Python * Expert proficiency in one of the following platforms: Windows, Linux//Unix, Android * Proficiency with assembly (x86/x64/arm/aarch64) * Familiarity with modern software engineering practices (Scrum, Agile etc.) * Expert knowledge of cyber security systems, including networking, kernels, security subsystems (DEP, ASLR, ROP), etc. * Fundamental understanding of Vulnerability Research concepts (fuzzing, static analysis, dynamic analysis)

Desired Skills * Ability to coordinate with customers, interpret and negotiate requirements, and communicate effectively with product stakeholders * Proficiency with modern vulnerability discovery and analysis toolkits, such as mutation, evolutionary, and taint fuzzers, instrumentation based fuzzing, and symbolic or solver-based fuzzing * Proficiency in a wide variety of real-world vulnerability development, such as the creation of PoCs of RCEs, LPEs, sandbox escapes, kernel security defeats, etc. * Advanced proficiency in Reverse Engineering and associated toolkits (Ghidra, IDA, Binary Ninja) * Advanced proficiency in application and kernel debugging, and associated toolkits (Windbg, gdb, etc) * Familiarity with taking proofs of concept and productizing them into working exploits * Familiarity with advanced Vulnerability Research topics such as symbolic execution, concolic execution, and automated tooling to conduct static analysis.

About the company

Stackpiercer Labs is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Apply for this position