Apply on Employer Site

Physics World · 3 weeks ago

Senior Security Researcher

Livermore, CA

Full-time

Hybrid

Senior Level

$169K/yr - $257K/yr

Lawrence Livermore National Laboratory (LLNL) is seeking a Senior Security Researcher to lead efforts in developing techniques and tools for red teaming to enhance the security of critical infrastructure systems. The role involves conducting advanced cyber research, vulnerability assessments, and collaborating with stakeholders to drive innovative cybersecurity solutions.

Publishing

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Guide and support advanced cyber research projects leveraging creative and automated methods to identify vulnerabilities in software, firmware, and operational technology systems

Collaborate in the development of technical requirements for red team operations, penetration testing, and adversarial simulation capabilities at LLNL

Analyze and assess novel software, firmware, and malware to uncover weaknesses, malicious behavior, and potential attack vectors, creating repeatable workflows to support future red team engagements

Conduct in-depth source code, binary, and firmware analysis to identify exploitable vulnerabilities and develop proof-of-concept exploits and mitigations

Participate in the design and implementation of new tools and techniques for vulnerability assessment, penetration testing, and adversary emulation to advance the understanding and mitigation of threats to operational technology

Identify emerging threats and opportunities for enhancing cyber defense and red team capabilities, helping shape the technical direction of LLNL’s cybersecurity initiatives

Engage with sponsors and stakeholders to develop new program growth opportunities, contribute to research proposals, and ensure alignment with mission objectives

Drive and execute innovative ideas and approaches to meet sponsor and project needs in a rapidly evolving threat landscape

Mentor and collaborate with team members, utilizing your technical expertise to attract and retain projects, programs, and funding

Perform other duties as assigned

Direct technical tasks for a portfolio of highly complex technical tasks and projects that consistently require the application of creativity and innovation; set broad research/project vision and strategy and influence technical direction for Laboratory, self and/or others wielding extensive influence with senior management and policy makers

Provide highly innovative solutions to abstract complex problems/ideas, convert them into usable algorithms/software modules, and provide solutions that require in-depth analysis of multiple factors and the creative use of established methods

Develop new ideas, modify approaches, and redefine requirements that significantly impact major Laboratory programs, set high-level goals, and contribute to the revolutionary advancement of knowledge

Qualification

Cybersecurity expertiseRed teaming techniquesVulnerability assessmentSource code analysisPenetration testingMalware analysisTechnical communicationProblem-solving skillsTeam collaborationProject management

Required

Ability to maintain a U.S. DOE Q-level security clearance which requires U.S. citizenship

Bachelor's degree with significant focus in cybersecurity, computer science, information technology, computer engineering, or related technical field or the equivalent combination of education and related experience

Significant experience leading program analysis of source code, binaries, or firmware

Experience in the use of hardware or software debuggers, static disassemblers and decompilers (such as IDA Pro), common binary file formats, dynamic analysis tools, software bills of materials, and/or network analysis tools

Significant experience communicating technical information across multi-disciplinary teams and to non-cyber experts, advising senior management, and applying interpersonal skills to collaborate effectively in a team environment

Advanced knowledge of state-of-the-art technologies in red teaming and penetration testing

Advanced analytical, problem-solving, and decision-making skills to develop creative solutions to complex problems

Ability to effectively manage concurrent technical tasks with competing priorities, along with the demonstrated ability to approach difficult problems with enthusiasm and creativity and to effectively change focus when necessary

Advanced verbal and written communication skills necessary to effectively collaborate in a team environment and present and explain technical information to multi-disciplinary teams and non-cyber experts and advise senior management and/or external sponsors and proficient interpersonal skills

Preferred

Advanced degree with significant focus in cybersecurity, computer science, information technology, computer engineering, or a related technical field

Knowledge of one or more of the following computer science disciplines: embedded systems, scientific data analysis, machine learning, systems programming, software engineering, formal verification methods, and high performance computing

Experience with industrial control systems software and hardware

Ability to secure sponsor funding through winning proposals and sponsor relationships

Previous experience working Department of Energy, Department of Homeland Security, Department of Defense, a utility, manufacturing, or hardware/software company, or a cybersecurity firm