You are viewing a preview of this job. Log in or register to view more details about this job.

Cybersecurity Researcher (B.S./M.S./Ph.D.) (Minneapolis, MN; Boston, MA)

SIFT
Email
Cyber Security Researcher

Location: Minneapolis/Boston

Note: Due to the nature of our contract work, positions at SIFT are restricted to US citizens and permanent residents. Also, this position requires that you be fully vaccinated against COVID-19, unless you require a reasonable accommodation for religion or a health-related need.

Are you a cybersecurity specialist, computer language expert, compiler geek, or assembly hacker? At SIFT you’ll have the opportunity to do high impact research in autonomous cybersecurity to identify exploits and reduce attack surface area to thwart cyber attacks. You won’t just use off-the-shelf cyber tools, you’ll modify them and make new ones.

Our researchers have decades of experience in cybersecurity. We’ve created fully autonomous cybersecurity reasoning systems that can not only identify exploits in stripped binaries, but can fix compromised programs by rewriting their executables. We’ve created tools for programmers to help identify and fix vulnerabilities in their code. And much of our work has been applied to find and fix real-world software vulnerabilities.

What will you do as a Cybersecurity Researcher at SIFT?

As a Cybersecurity Researcher at SIFT, you will have the opportunity to:
  • Conduct software vulnerability analysis - Understanding software flaws in both source and binary code to automatically detect flaws.
  • Utilize symbolic execution - Systematically increasing code coverage automatically to find rarely encountered faults.
  • Conduct fuzz-testing - To increase code coverage using a variety of fuzzers, both instrumented and protocol-based.
  • Perform software debloating - Removing unused code from a binary to reduce the attack surface.
  • Design automatic exploit generation algorithms - Creating software to determine if the found code flaws can compromise the system.
  • Determine how and why software failed through digital forensics and crash analysis.

Note: While exposure to the topics above are a plus, we have plenty of ground level tasks to help get you started in a career in cyber security research.

What kind of background is needed for this role?

We don’t expect you to be a seasoned cyber security expert, and we can train entry-level applicants. But it’s helpful to have some degree of:
  • An understanding of compilers and related tools (how compilers produce machine code, linkers produce executables, how debuggers work, and knowledge of internal program runtime structures like stack and memory allocation layouts).
  • An understanding of the basics of software engineering to ensure your code works with the rest of the team’s emerging code.
  • An understanding of assembly code (such as x86 or ARM) to help with binary analysis.

Also, we don't expect you to have specialized experience, but please let us know if you have any previous exposure/familiarity with any of the following:
  • Participation in Capture The Flag (CTF) cyber security competitions
  • Fuzzing, with tools like AFL++, HonggFuzz
  • Symbolic execution with tools like angr, BAP, Fuzzball, KLEE
  • OCaml
  • IDA Pro, Binary Ninja, or Ghidra
  • Metasploit, Kali

What are some of the benefits of working at SIFT?

  • Liberal Flex Time Policy: you can work in a way that makes sense for your work/life balance.
  • Salary is open to negotiation and will be competitive.
  • Health, Dental, Life, and Disability Insurance (SIFT pays 80% of health insurance premium and 100% of life insurance premium).
  • 20 paid vacation days per year, plus unlimited sick days.
  • 401K matching funds (5% of salary, vested immediately; options of traditional 401k, Roth 401k, or combination, with access to 50+ mutual funds).
  • Bonus program for technical merit/contribution.
  • Computer of choice (Mac, Windows, or Linux) provided by SIFT.
  • Home Office - $2,000 allowance/year.
  • Full internet and cell phone reimbursement.
  • Profit sharing (as 401k distributions or additional vacation days).
  • Tuition reimbursement for continuing education (50% of tuition paid, up to $10,000 per year).
  • Parking and bus card reimbursement.

Working at SIFT

SIFT is a unique company that values innovation and employee empowerment. As a small, but stable, business SIFT provides an efficient and thin organizational structure that helps employees focus upon doing interesting technical work without significant red-tape.
SIFT's cooperative-style work environment provides employees a platform to set and pursue their professional interests, including opportunities to focus upon engineering, basic research, project management, business development, IT, and commercialization.


You can apply through this Handshake post, or simply email your resume to hiring@sift.net!