Note:

This opportunity is available to applicants who are willing to work or relocate to Virginia. The position requires on-site presence to support hands-on projects.

About Us:

Red Balloon Security (RBS) is a leading embedded security provider and research firm committed to securing embedded devices across a range of critical industries and shaping the future of the embedded security industry. Our expert team has pioneered foundational technologies deployed to secure millions of embedded devices currently in service. Today, we continue to research, develop, and commercialize new capabilities to protect embedded systems manufactured globally. Additionally, our R&D team consists of world-class academic researchers and developers, who consistently publish seminal research papers in the field of embedded security and perform high-profile research programs funded by the U.S. Government, including DARPA, Air Force, Space Force, Navy, and the Department of Homeland Security.

About the Opportunity

We are seeking a Senior Reverse Engineer to join our team and lead reverse engineering efforts on embedded hardware and software. This role entails dealing with substantial ambiguity, aligning and leading team members through project execution, making substantial individual contributions, and mentoring other engineers.

Responsibilities:

• Lead reverse engineering efforts on embedded hardware and software via individual contributions as well as directing and mentoring team members
• Identify vulnerabilities in embedded systems via static analysis, dynamic analysis, and/or side channel attacks
• Craft proof-of-concept exploits in support of customer engagements, utilizing shellcode and system analysis to achieve remote code execution, bypass secure boot, escalate privileges, and related techniques
• Build defensive security solutions to detect and prevent malicious attacks across a wide variety of embedded systems
• Develop software for automating vulnerability identification in embedded software
• Contribute to in-house software technologies, including OFRAK (Open Firmware Reverse Analysis Konsole) and Symbiote (embedded run-time protection)
• Design and develop automated hardware and software testing infrastructure

Requirements

• 5+ years of proven experience in software and/or hardware reverse engineering
• Expert-level understanding of software and/or hardware vulnerabilities and practical exploitation techniques
• Experience developing in an assembly language for at least one mainstream architecture
• Strong grasp of foundational Computer Science knowledge and principles
• Enthusiasm for designing and building low-level software solutions
• Proficiency in C/C++ and Python
• Existing security clearance or ability to obtain clearance
• Bachelor's Degree in Computer Science, Computer or Electrical Engineering, a related major or equivalent experience

Preferred skills

• Specialization in fuzzing and/or side channel attacks
• Proficiency with ARM / AARCH64 / MIPS / PPC assembly languages
• Experience writing research proposals and leading research projects
• Masters Degree or PhD in Computer Science, Engineering, or a related field

About You

• You are curious and have a high degree of self-initiative and self-motivation
• You enjoy collaborating with, learning from, and teaching other researchers and engineers
• You are passionate about building the future of embedded security and advancing the state of security for critical devices by leveraging novel technologies
• You are comfortable navigating ambiguity and pushing through to results