The Specialist performs full hardware reverse engineering tasks across multiple types of computer and network devices, Windows/Linux hosts, mobile devices, internet-of-things (IOT), and other hardware as requirements determine. The Specialist will assist in the prioritization of all hardware reverse engineering work, assingment of caseloads, and deliverables. The candidate is expected to keep up with industry reverse engineering best practices and industry accepted methodologies, in addition to responsibility for the overall quality control of all hardware investigations and related reporting.
1. Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
2. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
3. Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
4. Evaluate firewall change requests and assess organizational risk.
5. Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
6. Assists with implementation of counter-measures or mitigating controls.
7. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
8. Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
9. Prepares incident reports of analysis methodology and results.
10. Provides guidance and work leadership to less-experienced technical staff members.
11. Maintains current knowledge of relevant technology as assigned.
12. Participates in special projects as required.
Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
Required Skills & Experience:
- 5-8 years of related experience in data security administration
- Minimum 7 years of progressively responsible experience performing hardware reverse engineering, forensic investigations, and cyber security incident response
- Minimum 5 years of experience conducting hardware reverse engineering investigations
- Experience performing low-level data extraction Joint Action Test Group (JTAG), chip-off, etc.
- Experience identifying vulnerabilities and modifications to hardware
- Understanding of computer engineering and hardware design, including digital logic design and printed circuit board design
- Understanding of hardware-level security exploits, inlcuding signal injection and side-channel analysis
- Experience in soldering, including equipment and materials required to perform removal and replacement of surface mount devices
- Experience in the operation and use of digital oscilloscopes, spectrum analyzers, multi-meters, logic analyzers, signal generators, and specialized radio test systems
Desired Skills & Experience:
- Certified Reverse Engineering Analyst (CREA) and/or GIAC Reverse Engineering Malware (GREM)
- Experience with data recovery tools (PC-3000) and techniques
- Demonstrated experience using commercial (e.g., IDA Pro, Hex-Rays, WinDbg) and open source (e.g., OllyDbg, Radare, GDB) tools and methods to perform software and malware reverse engineering investigations
- Demonstrated experience writing code (e.g., C, C++, Python) to perform repetitive tasks such as simulating domain generation algorithms
- Demonstrated experience in analyzing disassembled code for x86-64 and ARM (32 and 64 bit)
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.
Software Powered by iCIMS