Principal Cybersecurity Researcher

Two Six Technologies

$193K — $290K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Doctorate in Computer Science, Computer/Electrical Engineering, or related field with 7 years relevant experience, OR Master's with 9 years, OR Bachelor's with 11 years, OR Associate's with 13 years.
  • Proficiency in C/C++, Python, and at least one Instruction Set Architecture (ISA) like x86/ARM/MIPS.
  • Experience in Linux command-line environments.
  • Proficient with decompilers such as IDA Pro, Binary Ninja, or Ghidra.
  • Experience with vulnerability research tools like emulators or fuzzers.
  • Familiar with software debugging tools such as GDB or WinDbg.
  • Ability to work on-site regularly at Linthicum, Maryland.

Responsibilities

  • Lead identification of vulnerabilities and attacks across multiple domains.
  • Develop proof of concept (PoC) code for identified vulnerabilities.
  • Reverse-engineer target embedded systems to find vulnerabilities.
  • Review source code for risks and vulnerabilities.
  • Analyze vulnerabilities' effects on mission outcomes and operational effectiveness.
  • Propose operationally effective countermeasures based on attack techniques.
  • Produce reports and briefings on actual and potential attacks and findings.

Benefits

  • Medical, dental, and vision insurance.
  • Life and disability insurance.
  • Retirement benefits.
  • Paid leave.
  • Tuition assistance and professional development opportunities.
Full Job Description
Overview of Opportunity

Join the Trusted Electronics & Effects business unit of Two Six Technologies, where you'll provide strategic technical leadership in vulnerability research across hardware, software, and operational domains. Working alongside engineers, researchers, and clients, you'll identify vulnerabilities, assess operational impacts, and develop effective countermeasures. Our fast-growing roster of government customers relies on us to deliver advanced security solutions, and we're looking for a Principal Vulnerability Researcher to drive research programs and mentor technical teams.

This role requires regular on-site support at the Linthicum, Maryland customer site.

What you will do:
  • Lead the identification of vulnerabilities and attacks across hardware, software, personnel, logistics, procedures, and physical security, linking them to operational and mission impacts.
  • Identify vulnerabilities and potential attacks across hardware, software, procedures, logistics, and physical security of systems
  • Develop proof of concept (PoC) code for identified vulnerabilities
  • Reverse-engineer targeted embedded systems to identify vulnerabilities
  • Review source code looking for risks and vulnerabilities
  • Analyze the effects of vulnerabilities on mission outcomes and operational effectiveness.
  • Compare system attack techniques and propose operationally effective countermeasures
  • Produce reports, briefings, and perspectives on actual and potential attacks
  • Provide technical leadership on research efforts, prioritizing investigations, reviewing methodologies, and overseeing proof-of-concepts.
  • Mentor and guide junior engineers and researchers, reviewing technical approaches and fostering skill development.

What you will need (Basic Qualifications):
  • Doctorate in Computer Science, Computer/Electrical Engineering, or a related field and 7 years of relevant experience, OR Master's degree and 9 years of relevant experience, OR Bachelor's degree and 11 years of relevant experience, OR Associate's degree and 13 years of relevant experience.
    • Relevant experience: computer/information systems design/development, programming, information/cyber/network security, reverse-engineering, vulnerability analysis, penetration testing, computer forensics, information assurance, or systems engineering
  • Proficiency in C/C++, Python, and at least one ISA (e.g. x86/ARM/MIPS)
  • Proficiency in Linux command-line environments
  • Experience using a decompiler such as IDA Pro, Binary Ninja, or Ghidra
  • Experience using vulnerability research tools such as emulators or fuzzers
  • Experience using a software debugger such as GDB or WinDbg
  • Ability to work on-site at Linthicum, Maryland customer site regularly.

Nice If You Have (Preferred):
  • Experience translating vulnerabilities into operationally relevant impact assessments and countermeasures.
  • Experience producing technical briefings for operational stakeholders
  • Experience using a hardware debugger
  • Experience with UART, SPI, I2C
  • Experience with common secure communications such as TLS or SSH
  • Familiarity with embedded firmware, RTOS, or networked systems
  • Familiarity with high-side environments

Security Clearance:
  • Active TS/SCI clearance with Polygraph required

#LI-ZS1

#LI-ONSITE

Two Six Technologies is committed to providing competitive and comprehensive compensation packages that reflect the value we place on our employees and their contributions. We believe in rewarding skills, experience, and performance. Our offerings include but are not limited to, medical, dental, and vision insurance, life and disability insurance, retirement benefits, paid leave, tuition assistance and professional development.

The projected salary range listed for this position is annualized. This is a general guideline and not a guarantee of salary. Salary is one component of our total compensation package and the specific salary offered is determined by various factors, including, but not limited to education, experience, knowledge, skills, geographic location, as well as contract specific affordability and organizational requirements.

Salary Range

$193,746-$290,619 USD

Similar Jobs

More Jobs at Two Six Technologies

More Information Technology Jobs

Find similar Principal Cybersecurity Researcher jobs: