Senior Reverse Engineer

AnaVation

  • Lorton, VA
  • Permanent
  • Full-time
  • 16 days ago
  • Apply easily
Be Challenged and Make a DifferenceIn a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.AnaVation is seeking a driven and innovative Senior Reverse Engineer to support our mission-critical customer in Lorton, VA. At AnaVation we partner with federal agencies to deliver groundbreaking analytics and innovation solutions.Responsibilities:· Positions are staffed to provide mobile-focused software reverse engineering and vulnerability research expertise.· This role is focused on vulnerability identification and exploitation development of one of many layers of the mobile stack, including device firmware, mobile operating systems, and first and third-party mobile applications.· Candidates shall also possess unique software development skills to aid the team in reverse engineering and rapid response challenges.· Personnel serve as a part of and research team consisting of mobile device and mobile data exploitation specialists.· Candidates will be required to possess experience in binary reverse engineering and software exploit discovery.· Senior Level Reverse Engineer candidates are expected to possess a minimum of 6 years' experience.This position is currently hybrid (partially remote with two days per week on-site with our customer in Lorton, VA. Remote status is subject to change at the customer's direction, but is expected to continue. There will also be several workshops throughout the year where engineers will collaborate on site and travel for 1 to 2 weeks.This position requires an active Top-Secret clearance and the ability to obtain SCI access with a CI polygraph.\nRequired Qualifications:
  • Experience using industry standard RE tools (IDA Pro, Ghidra, JEB, Hopper) to determine how closed-source software functions
  • Experience developing, debugging and/or reverse engineering code for popular mobile programming languages (i.e., Java, Objective-C, Swift, etc.)
  • Experience with mobile device forensic analysis to include mobile device reverse engineering
  • Experience determining how files are structured and identifying standard methods for encoding data
  • Comfortable viewing, analyzing, and understanding raw binary data
  • Ability to write programs in a variety of languages, such as C, C++, C#, Python and Java
  • Understanding of how operating systems function, such as the separation between kernel and user space
  • Knowledge of common mobile architectures and their associated instructions, including x86, ARM, and ARM64
  • Experience working on multiple OS platforms, including Linux, Mac, Windows, Android, and iOS
  • Experience with iOS and Android mobile development languages, including Java, Objective-C, or Swift
  • Possession of exceptional interpersonal skills, including ability to: work alongside others, teach co-workers and clients/customers, and learn new technical trades and become a resident expert within a team
  • Previous experience working in an agile development in Agile development teams for the development of software tools, including the ability to manage workloads through issue tracking software
  • BA or BS degree with a preference in the areas of Computer Science, Electrical Engineering, Computer Engineer, or related discipline.
Desired Qualifications:
  • Experience in identifying and exploiting vulnerabilities, such as memory corruption through stack overflows, heap overflows, integer overflows, and logical flaws
  • Experience with mitigation to deter exploitation, such as ASLR, code signing, non-executable memory protections, and sandboxing
  • Experience with methods to bypass exploit mitigation and detection techniques
  • Experience with writing and running data fuzzers
  • Expertise in analyzing results to identify vulnerabilities
  • Understanding of how symmetrical and asymmetrical encryption functions and is implemented in various code flows
  • Experience with relational database management systems (i.e., SQL and SQLite)
  • Ability to analyze and decode data packets over a networked connection, and experience with network analysis tools (e.g., Wireshark)
  • Knowledge of how IP/Serial based protocols work and how to reverse their format including checksums, MACs, encoding formats, HTTP, XML, etc.
\nBenefits· Generous cost sharing for medical insurance for the employee and dependents· 100% company paid dental insurance for employees and dependents· 100% company paid long-term and short term disability insurance· 100% company paid vision insurance for employees and dependents· 401k plan with generous match and 100% immediate vesting· Competitive Pay· Generous paid leave and holiday package· Tuition and training reimbursement· Life and AD&D InsuranceAbout AnaVationAnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team.If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you!AnaVation is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

AnaVation