Cybersecurity & IoT Research Analyst

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Engineering, Computer Science, or related field (or equivalent experience).
• Strong foundation in cybersecurity principles, including network security, cryptography, and secure system design.
• Experience or coursework in wireless communications, RF systems, or IoT protocols.
• Hands-on experience with tools such as Wireshark, Kali Linux, Metasploit, or similar security testing frameworks.
• Familiarity with programming/scripting (Python, C/C++, or Java).
• Understanding of networking fundamentals and packet-level analysis.
• U.S. Citizenship required; ability to obtain a Secret clearance.

Nice To Haves

• Experience with RMF, ATO processes, or NIST 800-53 controls.
• Exposure to IoT security testing, embedded systems, or RF communications.
• Experience building or working with testbeds (e.g., Raspberry Pi, wireless mesh networks).
• Familiarity with cloud platforms (GCP, AWS) and containerization (Docker).
• Participation in cybersecurity competitions, research programs, or technical R&D initiatives.
• Experience analyzing attack vectors like replay attacks, packet injection, or unauthorized access in IoT systems.

Responsibilities

• Support Risk Management Framework (RMF) activities including control implementation, documentation, POA&Ms, and ATO readiness.
• Assist in system security architecture development, aligning IoT/embedded systems with DoD cybersecurity requirements.
• Conduct security assessments and support vulnerability management processes across hardware and software systems.
• Collaborate with ISSOs, ISSMs, and engineering teams to ensure compliance with NIST and DoD standards.
• Design and execute vulnerability testing across IoT and RF protocols (e.g., ZigBee, LoRaWAN, NB-IoT, Mist).
• Perform packet analysis, traffic inspection, and exploitation testing using tools like Wireshark, Kali Linux, and SDR frameworks.
• Simulate real-world attack vectors such as replay attacks, packet injection, device cloning, and resource exhaustion.
• Analyze protocol weaknesses such as centralized trust models, insecure key exchange, and lack of rate limiting.
• Support ongoing R&D efforts focused on IoT protocol security, wireless communications, and system resilience.
• Contribute to development of testbeds and experimental environments to simulate real-world deployments.
• Evaluate emerging technologies and security approaches to improve system architecture and defense-in-depth strategies.
• Document findings and translate research into engineering recommendations and product improvements.
• Support development of secure update mechanisms, device authentication workflows, and trust validation systems.
• Contribute to secure software and firmware design, including integrity validation and access control mechanisms.
• Assist in implementing protections against unauthorized access, tampering, and compromised device participation.
• Collaborate with DevSecOps and platform teams to integrate security into CI/CD pipelines and deployment workflows.
• Analyze quantitative and qualitative security data to assess system resilience and risk posture.
• Develop technical reports, briefings, and executive summaries to communicate findings and recommendations.
• Support customer-facing deliverables and contribute to proposal or R&D documentation efforts.