Software Reverse Engineer - Mid

ID
2019-1824
Job Location
US-MD-Bethesda

Overview

Bluehawk is looking for a Software Reverse Engineer - Mid Level to work in Bethesda, MD or Reston, VA.

 

Responsibilities

In providing Software Reverse Engineering support, the Contractor shall provide
some or all of services as required:

 

  • Isolate, review, analyze, reverse-engineer, and modify malicious and nonmalicious
    programs and applications.
  • Write and produce technical reports related to the scope, nature, and
    characteristics of assessed software and applications suitable for distribution to both
    technical and non-technical audiences.
  • Work deep within the boot process, kernel, and system internals using tools
    like IDA Pro, debuggers, and in-target probes to research the behavior of binaries.
  • Analyze software and firmware using reverse engineering techniques to
    understand security vulnerabilities, working closely with teammates who value
    innovation and execution.
  • Share knowledge by clearly articulating ideas through papers and
    presentations to technical staff, management and Government decision makers.
  • With COR approval participate in working groups, sponsor meetings,
    proposal writing, and conferences.
  • Provide detailed understanding of how various software-based attacks work
    at the memory and register level.
  • Perform in-depth analysis (dynamic/static) on malicious software (i.e., bots,
    worms, Trojans) resident on Microsoft® WindowsTM and Linux based platforms to
    provide actionable intelligence and, as appropriate, provide remediation
    recommendations.
  • Analyze, disassemble, and reverse engineer software binaries; document and
    transition results in reports, presentations and technical exchanges.
  • Design, prototype, document, test and transition code analysis methods and
    tools appropriate for operational use.
  • Pro-actively identify, define and advocate reverse engineering and analysis
    processes, approaches and concepts to enhance/improve technical exploitation
    efforts.
  • Adequately explain, present, demonstrate [when applicable] and document
    the operational impact of a particular vulnerability.
  • Identify, define, determine origin and report on malware and other select
    software found on media of interest.

Qualifications

Contractor personnel assigned must have the following
qualifications:

 

  • Must have Bachelors of Science degree in Computer Science, Software
    Engineering, Computer Engineering, or Electrical Engineering and at least four (4)
    years of related experience. A Master of Science in Computer Science, Software
    Engineering, Computer Engineering, or Electrical Engineering may be substituted
    for two (2) years of required experience. A PhD degree in Computer Science,
    Software Engineering, Computer Engineering, or Electrical Engineering may be
    substituted for three (3) years of required experience.
  • Working experience with reverse engineering and network security tools,
    including IDA Pro, GDB, WinDdg, YARA, Windows Sysinternals, Kali Linux,
    and/or Wireshark.
  • Working level Programming knowledge/experience with either Windows
    Kernel, C, C++, Python and/or Assembly Language and the ability to work in a
    team environment using modern version control systems.
  • Working level experience in hardware configuration and network/data
    communications and protocols.
  • Working level experience in software engineering and scripting.
  • Working level experience conducting intelligence analysis and writing
    finished intelligence reporting.
  • Thorough experience/understanding of compiler specifics, operating system
    concepts, security models, and the causes of most vulnerabilities and how to exploit
    them. Preferably, experience coding and disassembling software on both Windows and
    Linux or other *BSD and Unix variants.
  • Working experience/knowledge of the types and techniques of cyber
    exploitation and attack, including virus, worm, Trojan horse, logic bomb, and
    sniffer to identify, quantify, prioritize, and report vulnerabilities in various
    architectures, networks, communications, applications, and systems.
  • Experience establishing defense mechanisms to detect and deflect Cyberattacks
    on networks and communications systems and structures and designing and
    evaluating applications that are secure from known and potential methods of Cyberattack.
  • Experience coordinating systems implementation activities with key
    personnel to ensure the successful transition from development to implementation
    and operation, presenting and defending a position, and to communicating with
    government and contractor team members.
  • Experience with virtualization, driver programming, and debugging.
  • Experience with ethical hacking and/or testing software vulnerabilities.
  • Experience with diagnosing and debugging software systems.
  • Contractor personnel may have Industry standard EnCE, and ACE, or CCE, or
    GIAC forensic certifications
  • Some of these requirements may be waived by the government.
  • Contractor personnel shall be required to complete and pass a written test, prior to
    beginning work on the contract.

 

Bluehawk, LLC. is an Equal Opportunity/Affirmative Action Employer/

/EOE Minority/Female/Disabled/Veteran/Sexual Orientation/Gender Identity/

 

Connect With Us!

Not ready to apply? Connect with us for general consideration.