Vulnerability Researcher

APPLICATION INSTRUCTIONS:CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process. Please do not apply here, apply internally through Workday. CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday.If you are NOT a current employee or student, please click “Apply” and complete the application process for external applicants.Approval of remote and hybrid work is not guaranteed regardless of work location. For additional information on remote work at Penn State, see Notice to Out of State Applicants. ​  POSITION SPECIFICS​We are searching for a self-motivated Vulnerability Researcher to join our Cyberspace Operations Research Department at the Applied Research Laboratory (ARL) at Penn State University.  ARL/Penn State’s purpose is to develop innovative solutions to challenging national problems in support of the Navy, DoD, and Intel communities engineering and technology needs. The Cyberspace Operations Research Department provides technical expertise in adversarial tactics, techniques, and procedures (TTPs) to support system evaluation and provide security hardening support to various sponsors.  ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply.You will:Research cutting edge techniques and technologies for system exploitationLeverage expertise in reverse engineering, vulnerability research, and software development to address established needs and investigate solutions to emerging requirementsApply software engineering best practices to create proof-of-concept tools and configure test environments to perform demonstrations to sponsors and partnersAssist the Cyberspace Operations Research Department Head in maintaining relationships with sponsors through on-site technical discussions, preparation and presentation of technical materials, and project-related correspondenceProvide process enhancement for technical functionality evaluation, vulnerability analyses, cyberspace operations engineering, and penetration testing projectsApply project management principles and methods to the leadership of tasks or projectsProvide guidance to lower-level engineers to foster professional growthAdditional responsibilities for higher level position includes:Understand broad strategic objectives and contribute to them; nurture and maintain relationships with major customers/grantors of external research and development grant fundingIdentify grant/project follow-on work and persuade customers/grantors to fund; impact customer decisions and strategiesInitiate new project concepts and seek funding; develop technical proposals and make presentations to customers/grant sponsorsMentor department staff in the development technical, project, and business development skillsRequired skills/experience areas include:Documented application of reverse engineering and vulnerability testing tools (e.g. Ghidra/IDA, Kali Linux, Angr/AFL++, QEMU/Unicorn, etc)Reverse engineering, vulnerability research, malware analysis, and/or CNO tool developmentComputer networking fundamentals, Windows and *NIX operating systems, X86(64) and ARM or MIPS architecturesCyber operations architecture and software engineering practicesSoftware programming, programming languages, and development environments (to include at a minimum C, Java, or Python)Ability to express technical information clearly and concisely in documents and presentations for senior leaders to successfully comprehend and leverage for decision makingActive government security clearance at TS/SCI level with eligibility for special accessesPreferred skills/experience areas include:Cybersecurity exploit development and test environment configurationCybersecurity penetration testing / cybersecurity Red Team testing / white hat hackingMilitary cyberspace operations or computer network operationsDemonstrated history of successful project initiation effortsAgile software development methodology and toolsAtlassian products (e.g., JIRA, Confluence)Your working location will be fully on-site located in Reston, VA, but options exist for occasional hybrid of on-site/work from home based on project-dependent ability. This position will require periodic travel to remote locations in support of testing as part of a small team of researchers, engineers, and technologists. MINIMUM EDUCATION, WORK EXPERIENCE & REQUIRED CERTIFICATIONSIf filled as Research and Development Engineer - Senior Professional, this position requires: Bachelor's Degree - Engineering or Science 14+ years of relevant experience Required Certifications: None If filled as Research and Development Engineer - Advanced Professional, this position requires: Bachelor's Degree - Engineering or Science 5+ years of relevant experience Required Certifications: None If filled as Research and Development Engineer - Intermediate Professional, this position requires: Bachelor's Degree - Engineering or Science 2+ years of relevant experience Required Certifications: None ARL at Penn State is an integral part of one of the leading research universities in the nation and serves as a University center of excellence in defense science, systems, and technologies with a focus in naval missions and related areas.FOR FURTHER INFORMATION on ARL, visit our web site at www.arl.psu.edu. BACKGROUND CHECKS/CLEARANCESEmployment with the University will require successful completion of background check(s) in accordance with University policies. All positions at ARL require candidates to possess the ability to obtain a government security clearance; you will be notified during the interview process if this position is subject to a government background investigation.  You must be a U.S. citizen to apply.  Employment with the ARL will