R&D Cybersecurity - Low-level Reverse Engineer (Experienced)

Sandia National Laboratories

  • 97 user views 0 comments
  • 1515 Eubank Bld NE Albuquerque, NM 87185
    Sandia National Laboratories
    Nov 26, 2018

Enabling Intelligence Advantage to Ensure Global Peace.

We are seeking cybersecurity professionals who are curious about systems and how they really work under the hood to join talented, high-energy teams that are analyzing non-traditional cyber systems for vulnerabilities and threats. Are you passionate about analyzing systems at the interface between hardware and software? Do you want to apply your knowledge of computer architecture, operating system internals, common exploitation paths, and modern mitigation techniques in the use of fuzzing, debugging, and decompiling tools for static and dynamic analysis of source code and binaries? Do you excel at identifying system vulnerabilities and crafting proof-of-concept exploits and accompanying mitigations to enable the defense of systems vital to national security? If so, you will want to consider applying for this opportunity.

On any given day, you may be called on to:

  • Hack embedded systems, control systems, mobile devices, IOT devices, or other non-traditional information systems
  • Assess vulnerabilities of software or hardware
  • Fuzz complex systems
  • Reverse engineer software applications, operating systems, device drivers, or compilers
  • Develop proof-of-concept exploits and their accompanying mitigations
  • Develop tools for the automation of vulnerability assessment and reverse engineering tasks
  • Conceptualize, propose, and execute high-risk, multi-year research and development thrusts
  • Collaborate, teach, and mentor fellow researchers across the Labs and at partner organizations
  • Collaborate with external organizations in academia, industry, and government
  • Travel domestically and internationally to support current efforts and identify new opportunities for growing our capabilities and impact

When applying to this requisition, you may be interviewed by and/or hired into one of several organizations specializing in reverse engineering, vulnerability assessments, computer/network security, emulation, embedded systems, and industrial control systems.

Department Description:

Sandia’s cybersecurity experts are key contributors in addressing the country’s most pressing national security needs. In the Threat Intelligence Center, the mission of the Information Operations Program is to assess, design, implement and influence the development of national security-related information systems and technologies in support of Defense and Intelligence customers and their national security missions.

The Information Operations program consists of approximately 200 R&D technical staff working in most of the subdomains encompassed by the term “cybersecurity”.

Our technical backgrounds are diverse. Some of us have spent years focusing on the fine details of particular technologies and are recognized as nation-level experts. Some of us are generalists and move from project to project—keeping things connected and developing new skills.

Specialists and generalists work together—neither is more important than the other, and it is easy to shift between project and technical roles over time. Our researchers work with significant autonomy.

Our teams strive to push forward and dramatically impact both the R&D and customer missions. We accept that high-risk projects sometimes fail.

If this environment sounds appealing, you would excel here.

About Sandia:

Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:

  • Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
  • Extraordinary co-workers
  • Some of the best tools, equipment, and research facilities in the world
  • Career advancement and enrichment opportunities
  • Flexible schedules, generous vacations, strong medical
  • and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*

World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov

*These benefits vary by job classification.

EEO Statement:

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.


  • Master’s degree in a related discipline plus 2 years of relevant experience; or Bachelor’s degree in a related discipline plus 5 years of relevant experience; or 13 years of relevant experience to include a published talk at Black Hat or REcon, or a verifiable bug bounty reward or vulnerability disclosure
  • Experience in one or more of the following: reverse engineering; vulnerability assessment; malware analysis; operating systems internals and development (Windows, MacOS, Linux, Android, iOS); computer architecture
  • Experience with programming languages (e.g., C, C++, Java, Go)
  • Experience with at least one assembly language (e.g., ARM, MIPS, PowerPC, 8051, x86, x64)


  • Degree(s) in Computer Science/Engineering, Electrical Engineering, Computer Information Systems, Computer Forensics, Information Security, Mathematics, or Statistics
  • Experience in any of the following: compilers; firmware; developing Windows/Linux drivers; deciphering known and unknown file formats; building tools to support reverse engineering or vulnerability assessment; auditing source code; dynamic analysis; fuzzing complex programs; hypervisor technologies
  • Familiarity with state-of-the-art mitigations (e.g., ASLR, DEP, sandboxing, code signing, CFI) and the attack techniques they are intended to thwart (e.g., overflows, use after free, information disclosure, ROP)
  • Experience using analysis, reverse engineering, and debugging tools (e.g., angr, BAP, IDA Pro, gdb, Hopper, libVMI, lldb, LLVM sanitizer, otool, AFL, PINtools, or windbg)
  • Experience auditing source code in C, C++, Java, Python, assembly, or other languages
  • Experience with user- and kernel-mode debuggers
  • Familiarity with common binary file formats
  • Capture-the-flag (CTF) experience
  • Comfort with Python and other scripting languages
  • Experience conducting research resulting in creative technical solutions
  • Strong oral and written communication skills and an ability to explain complex ideas clearly and concisely (technical documentation writing samples may be requested)
  • Strong interpersonal skills and the ability to work well in a team environment
  • Ability to multitask and meet deadlines on a variety of activities
  • Willingness to learn and continually upgrade skills
  • Current DoE clearance OR equivalent US government security clearance

Security Clearance:

Position requires SCI access.

Position requires a Department of Energy (DOE) Q-level security clearance and SCI access. SCI access may require a polygraph examination.

Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment must be able to obtain and maintain a DOE Q-level security clearance and SCI access, both of which require US citizenship. SCI access may also require a polygraph examination. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain these levels of access may be impacted.

Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.