About the position
Join the Exploitation Sector at Two Six Technologies, where we push the boundaries of software and firmware reverse engineering to uncover vulnerabilities in wireless and embedded systems. As part of our elite team of security researchers, you’ll work alongside CNO developers and hardware engineers, conducting cutting-edge vulnerability research on complex, real-world targets. Our government customers rely on us to deliver mission-critical security solutions, and we’re looking for a Senior Software Reverse Engineer who thrives on reverse engineering embedded systems, discovering security weaknesses, and developing innovative proof-of-concept exploits. If you’re passionate about wireless security, embedded firmware analysis, and making an impact on national security, we want you on our team.
Responsibilities
- Reverse engineer wireless and embedded systems, identifying vulnerabilities and assessing their security impact.
- Develop proof-of-concept exploits for discovered vulnerabilities following DevOps best practices for keeping code bases organized and maintainable.
- Analyze firmware, software protections, and wireless protocols to uncover security flaws.
- Utilize and develop custom tools to analyze and manipulate software/firmware binaries.
- Collaborate closely with CNO developers, vulnerability researchers, and hardware engineers in a fast-paced, small-team environment.
- Solve complex technical challenges with no predefined solutions.
Requirements
- Bachelor’s (or higher) degree in Computer Science, Computer/Electrical Engineering, or a related field (or equivalent practical experience).
- 5+ years of experience with programming/scripting languages in C/C++, Python, and Linux command-line environments.
- Experience with reverse engineering and vulnerability research, using tools such as IDA Pro, Binary Ninja, or Ghidra.
- Expertise in one or more of the following: Firmware analysis (ARM, MIPS, PowerPC, RTOS), Firmware rehosting using emulation tools such as QEMU, Fuzzing and exploit development, Binary obfuscation and anti-analysis techniques, Wireless protocols and radio signal analysis, File system forensics and fault injection frameworks.
Nice-to-haves
- Experience scripting with Binary Ninja API or Ghidra.
- Experience in embedded software development using C/C++ for RTOS or Linux environments.
- Knowledge of cryptographic security and secure boot mechanisms.
- Hands-on experience working with hardware debugging tools, JTAG/SWD, or software-defined radio (SDR) frameworks.
- Familiarity with digital signal processing, wireless security protocols, RF signal processing, and side-channel analysis.
- Client-facing experience in technical roles.
- Active TS/SCI with Polygraph preferred.
Benefits
- Medical, dental, and vision insurance
- Life and disability insurance
- Retirement benefits
- Paid leave
- Tuition assistance
- Professional development
