Lead Vulnerability Researcher/Reverse Engineer – National Capital Regional (DC/MD/VA) Preferred


CNF is looking for a Lead Vulnerability Researcher/Reverse Engineer to support one-of-a-kind cyberspace program and liaise with MARFORCYBER and Cyber National Mission Forces. You will work with a range of clients on a variety of projects with the goal of becoming a trusted advisor while keeping the program on schedule and budget. Whereas this role has a technical component to it, the position is managerial, specifically program management of a large VR/RE program.


The selected candidate will have the following program management and technical experience/skills:

*Bachelor’s (or higher) degree in a STEM field with 10+ years VR/RE development experience (degree may be substituted for 14+ years of VR / RE / exploit development experience)
*Active Top-Secret clearance with SCI eligibility and a CI Poly
*Possess both an understanding of real-world mission objectives and a working grasp of software development practices and technologies.
*Vulnerability Analysis (3 years)
*Exploit Development (3 years)
*Reverse Engineer (3 years)
*In-depth understanding of exploit mitigations such as address space layout randomization (ASLR), data execution prevention (DEP), return oriented programming (ROP) (3 years)
*In-depth knowledge of Linux and Android kernels, SELinux/SEAndroid (3 years)
*Low-level operating systems experience for Android (Could be Linux background) (3 years)
*Linux/Android kernel development (3 years)
*Reduced Instruction Set Computer assembly (3 years)
*C Programming (3 years)
*Reverse Engineering (Using tools such as IDA Pro, Binary Ninja and Ghidra) (3 years)


In this role you will:

*Manage cost, schedule, and technical performance to achieve performance metrics and customer requirements defined in the contract.
*Effectively communicate with government customers, subcontract partners, and senior management at CNF.
*Serve as the primary point of contact for the Government on all items relating to contract administration.
*Manage a diverse team of technical and development personnel, management, business customers, and vendors in a constructive and effective manner.
*Proactively initiate, develop, and maintain effective working relationships with all stakeholders (acquisition, vendors, independent testers, and users).
*Recommend and develop technical solutions, products, and standards based on current and desired customer objectives.
*Develop information for decision briefs for senior leadership to use in making decisions on recommended solutions and areas requiring process improvement within the program, process, and execution.
*Continuously develop and review internal program procedures for program efficiencies and compliance.
*Cultivate and sustain excellent long-term customer relationships.


The ideal candidate will be familiar with the following:

*Program Management Professional (PMP).
*10+ yrs PM experience in the DoD cyberspace domain.
*Working knowledge of all elements of software development life cycle processes to include delivery of capabilities to CNMF.
*Understanding of Agile Scrum methodologies.
*Knowledge of DoD, USCYBERCOM, and MARFORCYBER testing methodologies and processes.


National Capital Region (DC/MD/VA) (preferred)