Carnegie Mellon University

Reverse Engineer Researcher

Carnegie Mellon University

full-time

Posted on:

Location Type: Hybrid

Location: Arlington • Pennsylvania, Virginia • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

SeniorLead

Tech Stack

JavaPython

About the role

  • Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools
  • Work to identify and address emerging and complex threats, and effectively participate in the broader security community
  • Perform in-depth reverse engineering of malicious code, document and transition results in reports, presentations, and technical exchanges
  • Explore ways to use artificial intelligence to support of reverse engineering and apply reverse engineering practices to artificial intelligence systems
  • Design, prototype, and transition new analysis methods and tools
  • Identify and document emerging and complex active security threats
  • Participate in the broader security community through collaboration, papers, and presentations

Requirements

  • BS in Computer Science or related discipline with eight (8) years of experience; OR MS in the same fields with five (5) years of experience; OR PhD in the same fields with two (2) years of experience
  • Experience with or knowledge of Reverse engineering software binaries for a variety of architectures, both at the user level and kernel level
  • Static analysis tools (e.g. IDA Pro, NSA Ghidra, Binary Ninja)
  • User-level and kernel-level debuggers (e.g. x32dbg, x64dbg, gdb, WinDbg)
  • Native programming languages (e.g. C/C++)
  • High-level programming languages (e.g. Java, Python, GoLang, etc.)
  • Software engineering and design concepts
  • Firmware and device driver development
  • Malware tradecraft and threat actor tactics, techniques, and procedures (TTPs)
  • Malware signature creation and use, independent of detection technology
  • Operating system concepts and internals and binary file formats (e.g. PE, ELF, Mach-O, etc.)
  • Internet Protocols and network analysis tools (e.g. Wireshark, netcat, etc.)
  • Compiler theory, cryptography, and malware deobfuscation techniques
  • Mobile device development and reverse engineering
  • Malware sandboxes or instrumentation frameworks (e.g., Frida, QEMU, Unicorn Engine)
  • General understanding and experience in artificial intelligence and machine learning and using artificial intelligence to support reverse engineering and malware analysis
Benefits
  • Get 8% monthly contribution for your retirement, without having to contribute yourself
  • Get tuition benefits to CMU and other institutions for you and your dependent children
  • Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave
  • Get access to university resources including mindfulness programs, childcare and back-up care benefits, a monthly transit benefit on WMATA, free transportation on the Pittsburgh Regional Transit System
  • Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies
  • Qualify for relocation assistance and so much more

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
reverse engineeringstatic analysismalware analysisfirmware developmentdevice driver developmentmalware signature creationoperating system conceptscompiler theorycryptographymalware deobfuscation
Soft skills
collaborationcommunicationpresentation skillsdocumentation