Computer Science: Computer Design and Engineering, Computer Science: Information Systems, Computer Science: Security and Encryption
4 Year Degree
Enabling Intelligence Advantage to Ensure Global Peace.
We are seeking cybersecurity professionals who are curious about systems and how they really work under the hood to join talented, high-energy teams that are analyzing non-traditional cyber systems for vulnerabilities and threats. Are you passionate about analyzing systems at the interface between hardware and software? Do you want to apply your knowledge of computer architecture, operating system internals, common exploitation paths, and modern mitigation techniques in the use of fuzzing, debugging, and decompiling tools for static and dynamic analysis of source code and binaries? Do you excel at identifying system vulnerabilities and crafting proof-of-concept exploits and accompanying mitigations to enable the defense of systems vital to national security? If so, you will want to consider applying for this opportunity.
On any given day, you may be called on to:
Hack embedded systems, control systems, mobile devices, IOT devices, or other non-traditional information systems
Assess vulnerabilities of software or hardware
Fuzz complex systems
Reverse engineer software applications, operating systems, device drivers, or compilers
Develop proof-of-concept exploits and their accompanying mitigations
Develop tools for the automation of vulnerability assessment and reverse engineering tasks
Conceptualize, propose, and execute high-risk, multi-year research and development thrusts
Collaborate, teach, and mentor fellow researchers across the Labs and at partner organizations
Collaborate with external organizations in academia, industry, and government
Travel domestically and internationally to support current efforts and identify new opportunities for growing our capabilities and impact
When applying to this requisition, you may be interviewed by and/or hired into one of several organizations specializing in reverse engineering, vulnerability assessments, computer/network security, emulation, embedded systems, and industrial control systems.
Sandia’s cybersecurity experts are key contributors in addressing the country’s most pressing national security needs. In the Threat Intelligence Center, the mission of the Information Operations Program is to assess, design, implement and influence the development of national security-related information systems and technologies in support of Defense and Intelligence customers and their national security missions.
The Information Operations program consists of approximately 200 R&D technical staff working in most of the subdomains encompassed by the term “cybersecurity”.
Our technical backgrounds are diverse. Some of us have spent years focusing on the fine details of particular technologies and are recognized as nation-level experts. Some of us are generalists and move from project to project—keeping things connected and developing new skills.
Specialists and generalists work together—neither is more important than the other, and it is easy to shift between project and technical roles over time. Our researchers work with significant autonomy.
Our teams strive to push forward and dramatically impact both the R&D and customer missions. We accept that high-risk projects sometimes fail.
If this environment sounds appealing, you would excel here.
Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:
Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
Some of the best tools, equipment, and research facilities in the world
Career advancement and enrichment opportunities
Flexible schedules, generous vacations, strong medical
and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*
World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov
*These benefits vary by job classification.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Master’s degree in a related discipline plus 2 years of relevant experience; or Bachelor’s degree in a related discipline plus 5 years of relevant experience; or 13 years of relevant experience to include a published talk at Black Hat or REcon, or a verifiable bug bounty reward or vulnerability disclosure
Experience in one or more of the following: reverse engineering; vulnerability assessment; malware analysis; operating systems internals and development (Windows, MacOS, Linux, Android, iOS); computer architecture
Experience with programming languages (e.g., C, C++, Java, Go)
Experience with at least one assembly language (e.g., ARM, MIPS, PowerPC, 8051, x86, x64)
Degree(s) in Computer Science/Engineering, Electrical Engineering, Computer Information Systems, Computer Forensics, Information Security, Mathematics, or Statistics
Experience in any of the following: compilers; firmware; developing Windows/Linux drivers; deciphering known and unknown file formats; building tools to support reverse engineering or vulnerability assessment; auditing source code; dynamic analysis; fuzzing complex programs; hypervisor technologies
Familiarity with state-of-the-art mitigations (e.g., ASLR, DEP, sandboxing, code signing, CFI) and the attack techniques they are intended to thwart (e.g., overflows, use after free, information disclosure, ROP)
Experience using analysis, reverse engineering, and debugging tools (e.g., angr, BAP, IDA Pro, gdb, Hopper, libVMI, lldb, LLVM sanitizer, otool, AFL, PINtools, or windbg)
Experience auditing source code in C, C++, Java, Python, assembly, or other languages
Experience with user- and kernel-mode debuggers
Familiarity with common binary file formats
Capture-the-flag (CTF) experience
Comfort with Python and other scripting languages
Experience conducting research resulting in creative technical solutions
Strong oral and written communication skills and an ability to explain complex ideas clearly and concisely (technical documentation writing samples may be requested)
Strong interpersonal skills and the ability to work well in a team environment
Ability to multitask and meet deadlines on a variety of activities
Willingness to learn and continually upgrade skills
Current DoE clearance OR equivalent US government security clearance
Position requires SCI access.
Position requires a Department of Energy (DOE) Q-level security clearance and SCI access. SCI access may require a polygraph examination.
Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment must be able to obtain and maintain a DOE Q-level security clearance and SCI access, both of which require US citizenship. SCI access may also require a polygraph examination. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain these levels of access may be impacted.
Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.
Internal Number: 664721
About Sandia National Laboratories
Sandia National Laboratories is the nation's premier science and engineering lab for national security and technology innovation with major facilities in Albuquerque, New Mexico and Livermore, California. We are a world-class team of scientists, engineers, technologists, post docs, and visiting researchers all focused on cutting-edge technology, ranging from homeland defense, global security, biotechnology, and environmental preservation to energy and combustion research, computer security, and nuclear defense. To learn more, please visit our website at www.sandia.gov.