BTS Software Solutions

Vulnerability Researcher III

BTS Software Solutions$260K — $300K *
Aerospace & Defense
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Experience with Assembly, C, C#, C++, Perl, or Python programming languages
  • Proficient in Unix/Windows system APIs
  • Expertise in C++ virtual function tables and heap allocation strategies
  • Experience with large software projects preferred
  • Kernel programming experience (WDK/Unix/Linux) is a significant plus
  • Proficient in hardware/software reverse engineering using tools like IDA Pro or Ghidra
  • Ability to identify and exploit common vulnerability patterns in C/C++ code.

Responsibilities

  • Debug software and troubleshoot programmatic issues
  • Conduct source code analysis to uncover software flaws
  • Develop proof-of-concept exploits and demonstrate results
  • Lead reverse engineering and vulnerability research initiatives
  • Edit and participate in technical presentations for projects
  • Serve as a Subject Matter Expert in designated technology areas
  • Produce documentation on vulnerability impacts and severity.

Benefits

  • Participation in technical presentations and training
  • Opportunity to work with cutting-edge technologies
  • Collaborative environment with like-minded professionals
  • Potential for leadership and mentorship roles in vulnerability analysis
  • Engagement in impactful vulnerability discovery efforts.
Full Job Description
Vulnerability Researcher III

REQ ID:976-03

BTS Software Solutions is seeking a Vulnerability Researcher III with an active TS/SCI w/ POLY to join our team in Annapolis Junction, MD.

What You'll Get To Do:
  • Actively debug software and troubleshoot issues with software crashes and programmatic flow
  • Ability to perform source code analysis in an effort to discover software flaws, and
  • provide/author documentation on the impact and severity of the flaw
  • Ability to develop proof-of-concept exploits against research targets, prototypes, and hands-on demonstrations of vulnerability analysis results
  • Provide/author and participate in technical presentations on assigned projects
  • Lead reverse engineering and vulnerability research
  • Lead efforts to debug software and troubleshoot issues with software crashes and programmatic flow
  • Ability to perform source code analysis in an effort to discover software flaws, and provide/author documentation on the impact and severity of the flaw
  • Ability to develop robust exploits (advancements beyond initial proof-of-concept such as version coverage, decreased failure rate, handling edge cases, etc.) against research targets, prototypes, and hands-on demonstrations of vulnerability analysis results
  • Edit/Approve and participate in technical presentations on assigned projects
  • Subject Matter Expert and Leader of at least one technology area responsible for reverse engineering and vulnerability analysis

You'll Bring These Skills:
  • Experience programming in Assembly, C, C#, C++, Perl, or Python with a focus on an understanding of system interactions with these libraries vs. production-style environments
  • Use of Unix/Windows system API's
  • Understanding of virtual function tables in C++
  • Heap allocation strategies and protections
  • Experience with very large software projects a plus
  • Kernel programming experience (WDK / Unix||Linux) a significant plus
  • Hardware/Software reverse engineering, which often includes the use of tools (e.g., IDA Pro, Ghidra, Binary Ninja) to identify abstract concepts about the code flow of an application.
  • For Hardware reverse engineering, candidates are expected to have performed analysis of embedded devices, focusing primarily on identifying the software stack and points of entry to the hardware (e.g. not interested in FPGA reverse engineering, or other circuit reverse engineering).
  • Candidates who can merge low-level knowledge about compilation of C/C++ code with a nuanced understanding of system design to identify and exploit common vulnerability patterns. Candidates should be comfortable with, at a minimum, user-mode stack-based buffer overflows, and heap-based exploitation strategies.

Education/Qualifications:
  • Meets all qualifications of a CNO Vulnerability Researcher/Analyst II, but has the following increased experience and skill levels
  • Proven results from participation in vulnerability discovery efforts within the last twelve (12) months
  • Demonstrated ability to discover multiple previously unknown vulnerabilities (0-day) across multiple versions of similar technologies.

Pay Range: $260,000 to $300,000
The BTS pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Our approach to crafting offers considers various factors to establish an equitable and competitive compensation package. These considerations include, but are not limited to, the extent and intricacy of the role's responsibilities, the candidate's educational background, their work experience, and the specific competencies crucial for success in the role

BTS Software Solutions is an Equal Opportunity Employer (EOE). All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law

About BTS Software Solutions

BTS Software Solutions is a software development company that provides custom software solutions to businesses. The company was founded in 1998 by Dr. M. H. Dehghani. BTS Software Solutions' services include software development, web development, mobile app development, and IT consulting. The company has worked with clients in various industries, including healthcare, finance, and government.
Learn more about BTS Software Solutions
Size
100 employees
Industry

Similar Jobs

More Jobs at BTS Software Solutions

More Aerospace & Defense Jobs

Find similar Vulnerability Researcher III jobs: