Researcher Job at ForAllSecure, United States


Job Description

Who we are

To address the scale needed by the rapid pace of software growth, companies need security tools that are automated and don't require lengthy manual analysis to sift out false positives. Our focus at ForAllSecure is to build the next generation of security products that change how companies develop, test and deploy software.

Our tool, Mayhem, a fully autonomous cybersecurity system, was built utilizing over 12 years of research at Carnegie Mellon University and developed by a team of some of the best white-hat hackers in the world. In 2016, DARPA hosted the Cyber Grand Challenge, the world's first all-machine hacking tournament, in which Mayhem competed and took first place against industry competitors and the best challengers from academia. Since then, we have been bringing this product to market. The Mayhem solution makes software validation testing radically simpler with a powerful combination of intelligent fuzzing, symbolic execution, and checking of static security indicators.

To date, Mayhem has found vulnerabilities in multiple open source projects, components in production aircraft, and critical flaws in embedded devices. This is only the beginning, as we plan to have Mayhem bring automation, usability and scalability to testing of all of the world's commercial and government software projects.

What you'll do

As a Vulnerability Researcher for our Federal customers, you will be working with the same technology that won the DARPA Cyber Grand Challenge. The technology uses fuzzing, symbolic execution, and static analysis to help check software. You will be helping Federal customers analyze, automatically find and understand vulnerabilities to secure their code. Often our customers have never used an automated tool before to check for security vulnerabilities, and your work will help them systematize their cyber security efforts for their platforms.

Specifically, you will:

  • Help configure, integrate, analyze and maintain Mayhem in the customer environments
  • Create harnesses for Mayhem targets and debug integration issues
  • Develop fuzzing harnesses for existing source code and reverse engineered binaries.
  • Assist customers in triaging defects discovered through Mayhem.
  • Debug/triage production issues
  • Deliver training sessions and knowledge transfer sessions

Requirements

Software Development and/or Fuzzing Experience:

  • Required hands-on knowledge of professional reverse engineering and program analysis tools
  • Required hands-on vulnerability research on binaries or source code
  • Hands-on experience with implementing solutions in C, C++, Java, Python
  • Hands-on experience with reading and writing assembly in at least one common architecture (x86, ARM, etc.)
  • Understanding of low-level operating system concepts (memory management, process lifecycle, I/O systems, etc.)
  • Understanding of modern exploitation techniques and mitigations/counter-measures
  • Experience in designing and developing APIs and RESTful services
  • Familiarity with web security best practices and standards
  • Experience with DevOps processes e.g. continuous integration, etc.

Education and Working Experience:

  • Bachelor's or Master's Degree in Software Engineering, Computer Science or another engineering discipline is required. Alternatively, equivalent experience gained in military service will be considered.
  • 5+ years working as a Vulnerability Researcher and/or Software Engineer or Consultant
  • Previous Professional Services experience is a plus
  • Government or military service is a plus

Consulting and Leadership Experience:

  • Experience in serving as a coach, mentor, subject matter expert, and escalation point for customers, internal teams and colleagues
  • Self-motivation and an ability to execute independently
  • Multitasking and time management skills
  • Strong verbal and written communication skills
  • Ability to work in a remote setting with remote co-workers
  • Washington DC area candidates preferred
  • Up to 30% travel may be required for Washington DC area candidates
  • Up to 75% travel (or more) may be required for candidates from other geographies

Security Clearance: TS/SCI eligible. Active clearance required

Tech Exercise: The candidate will be provided with a binary and they will be asked to find vulnerabilities in this binary.

EEOC Statement

ForAllSecure is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. We commit to living by our core values of hunger, respect, accountability and growth mindset. All employment decisions are based on business needs, job requirements and individual qualifications, without regard to veteran status, service-member status, race, color, religion, sex, sexual orientation, gender identity, age, pregnancy (including childbirth, lactation and related medical conditions), national origin or ancestry, citizenship status, physical or mental disability, genetic information (including testing and characteristics), or any other status protected by the federal, state, or local laws. ForAllSecure's commitment to equal opportunity employment applies to all persons involved in our operations and we prohibit unlawful discrimination by any employee.

This policy applies to all terms and conditions of employment, including recruiting, hiring, promotion, termination, leaves of absence, compensation and training.


E-Verify Employer (Applicants in the USA)

ForAllSecure participates in E-Verify. For more information on E-Verify please click the links below:

  • E-Verify for Employees
  • This Employer Participates in E-Verify
  • Right to Work
