[Hiring] Senior Specialist, Security Research Engineer @L3HHCM20

Role Description

L3Harris has an immediate opening for a Senior Security Software Research Engineer with our security group, Trenchant. Our teams are comprised of elite security researchers and former intelligence professionals with a fixation on realizing mission outcomes. We are pursuing top-tier senior security researching talent with experience across a host of technologies and paradigms. Our business unit offers an exceptional value-proposition for individuals looking to make an impact.

Trenchant’s expertise is the by-product of the L3Harris acquisition of two highly-regarded information security businesses – Azimuth Security and Linchpin Labs. United under Trenchant, we are a key component of L3Harris’ Intelligence and Cyber International Division. We are a trusted, discrete partner furnishing security products, consultancy, training and integration services to allied security, defense, and law enforcement agencies.

• Finding vulnerabilities in ubiquitous Internet-deployed software and/or popular devices’ software or firmware.
• Constructing exploits for vulnerabilities discovered by yourself or your team.
• Guiding the teams technical outcomes to measurable deliverables for the organization.
• Training, management and provision of guidance to all levels of team members.
• Regular interaction with managers and customer-facing staff members to field queries and questions about technical work.
• Ability to obtain and maintain security clearance.
• Take an active role in cross-team projects when required.

Qualifications

• Bachelor’s Degree with a minimum 6 years prior relevant experience.
• Graduate Degree with a minimum of 4 years of prior related experience.
• In lieu of a degree, minimum of 10 years of prior related experience.

• 5+ years of Vulnerability Research, reverse engineering, and bug-hunting.
• Experience with static and dynamic binary analysis.
• Experience with iOS, Android, Windows, Linux, or embedded systems kernel, user land, and internals or browser internals.
• Experience with common tools in security research (e.g. IdaPro, Ghidra, Radare, Binary Ninja, AFL, SysInternals, GDB, WinDBG, etc).
• Experience with common programming languages (e.g. C/C++, Python, Swift, etc).
• Experience with common architectures (e.g. x86/64, ARM, AARCH64, MIPS, PowerPC, TILEGX, etc).
• Experience with modern security system features, exploit mitigations, and evasion techniques (e.g. defeating ASLR, DEP, Control Flow Guard, ROP, Security Product/AV Evasion, etc).
• Experience with a wide-range of modern exploitation concepts and techniques.
• Experience with Computer Network Operations / Computer Network Exploitation.
• Experience with symbolic execution and emulation software (e.g. QEMU, Corellium, VHDL, etc).
• Cryptographic experience (e.g. side-channel attacks, implementing AES, etc).
• Experience teaching and mentoring junior vulnerability researchers.
• Bespoke fuzzer development experience.

Requirements

• In compliance with pay transparency requirements, the salary range for this role in California, Massachusetts, New Jersey, Washington, and the Greater D.C, Denver, or NYC areas is $111,500 - $207,500.
• The salary range for this role in Colorado state, Hawaii, Illinois, Maryland, Minnesota, New York state, and Vermont is $97,000 - $180,000.
• This is not a guarantee of compensation or salary, as final offer amount may vary based on factors including but not limited to experience and geographic location.

Benefits

• Health and disability insurance.
• 401(k) match.
• Flexible spending accounts.
• EAP.
• Education assistance.
• Parental leave.
• Paid time off.
• Company-paid holidays.