We are looking for a Mobile Security Engineer for our Device Inspection and Analysis Lab in Columbia, MD. Our work is complex and engaging and we make sure our engineers have the environment and tools they need to get the job done. Our Engineers analyze devices to understand how they work and how they behave when they break. We are involved with both Red and Blue Team engagements. Many of our engineers spend time taking systems apart, writing tools to augment COTS tools, and reverse engineering custom software.
- Experience with coding and scripting language
- Deep understanding of operating system security mechanisms
- At least 3 years’ applied experience with Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, and/or malware analysis.
- Knowledge of common vulnerability classes (e.g., buffer overflows, use after free, race conditions, etc.)
- Familiarity with Linux, including knowledge at all layers (boot, kernel space, user space).
- Familiarity with Android or iOS security mechanisms.
- Experience using debuggers such as gdb, DDMS, WinDBG
- Experience using reverse engineering tools such as IDA Pro, Binary Ninja, or Radare2.
- Understanding of network protocols (TCP/IP stacks, RF communications, routing protocols, or others).
- Experience developing mitigations and recommendations for strengthening the overall security posture.
- Motivation to research and remain up to date with emerging threats and technologies.
- Provide subject matter expertise to support detection, analysis, and mitigation of malware, trends in malware development and capabilities, and proficiency with malware analysis capabilities.
- Experience developing custom exploits and exploitation tools.
- Offensive Security Certified Professional (OSCP) certification, or comparable certification.
- BS degree in computer science, computer engineering, or related field and 2 years’ experience. Candidates with at least 4 years of strong related work experience will also be considered.
- Current DoD Secret Clearance is required due to government contracts.
Tresys Technology, LLC (www.tresys.com) is a leader and trusted partner in cybersecurity. Our in-depth solutions are vital to helping our commercial, defense, intelligence, federal civilian agency and critical infrastructure customers meet ever-evolving cybersecurity threats. From network and perimeter defense to product security analysis to the practical application of SELinux, we deliver solutions that protect and connect the world’s most critical networks and platforms.
Headquartered in Columbia, MD, Tresys employs around 50 full-time associates dedicated to solving difficult security problems for our clients. We offer a full benefit package that includes Health Insurance, 401K, Paid Time Off, Tuition Reimbursement, and more. With an environment that promotes casual dress and flexible work hours, we can focus on producing results for our clients. Innovative security solutions are our business; valuing people is our culture. We will provide our engineers with:
- Interesting problems at the heart of operating system security.
- An exciting, stable, small business work environment where creative thinking, expert software development skills, and team work are highly valued and rewarded.
- The freedom and autonomy you need to tackle challenging technical problems.
- Customers that need secure devices today to accomplish important work and missions.
EOE AA M/F/VET/DISABILITY