This site uses cookies. To find out more, see our Cookies Policy

Mobile Security and Vulnerability Engineer in Quantico, VA at Booz Allen Hamilton Inc.

Date Posted: 12/10/2018

Job Snapshot

Job Description

Job Number: R0034592

Mobile Security and Vulnerability Engineer

Key Role:
Apply knowledge of technical work and expertise in problem solving to tackling challenging, mission-critical projects that have a direct impact on national security and criminal investigations. Leverage expertise in software reverse engineering and vulnerability on embedded platforms, including Android and iOS, to discover security flaws, data leakages, and code exploitation vulnerabilities. Analyze proof of concept code and document discoveries for an internal knowledge base that will assist the IC community. Be a part of an experienced and diverse reverse engineering team working on cutting-edge technologies. This position allows for flexible work arrangements, including possible remote delivery.

Basic Qualifications:

-3+ years of experience with vulnerability research, including reverse engineering or exploit development

-Experience with performing vulnerability research via source code review or fuzzing

-Experience with popular binary reverse engineering disassemblers and decompiles, including IDA Pro, Hopper, JEB, or Radare2

-Experience with active debugging software, including LLDB, GDB, or OllyDbg

-Knowledge of common processor architectures, including x86 and x64 and arm and arm64 and how modern operating systems work

-Ability to review source code and identify vulnerabilities

-Ability to work independently and with a team of reverse engineers, exploit developers, and software engineers.

-Secret clearance required
-HS diploma or GED

Additional Qualifications:

-Experience with reverse engineering mobile platforms, including iOS and Android

-Experience with identifying and exploiting memory corruption bugs, including stack and heap overflows

-Experience with bypassing common exploit mitigation techniques, including ASLR or stack cookies

-Experience with software development in C/C++, C#, Java, Python, or equivalent

-Experience with binary file format reverse engineering

-Experience with analyzing networking traffic, including using software such as Wireshark, Burp Suite, MITM, or similar

-Knowledge of basic cryptography concepts and common weaknesses

-Knowledge of penetration testing techniques on mobile and Web platforms, including session hijacking, cross-site scripting, or SQL injection

-Top Secret clearance

-BA or BS degree

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

JHT

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.


Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.