Open positions
-
See full description on LinkedIn
Apply on LinkedIn or by emailing careers@legionx.net
The Company
Legion X is a services company headquartered in Arlington, VA that develops on-demand, custom cyber solutions through applied research, prototyping, and engineering services. We are a small, tight-knit company built and run by engineers who pursue the most interesting and impactful cyber vulnerability research we can find. We take on tasks like vulnerability assessments, exploit development, cyber vulnerability research, penetration tests, firmware reverse engineering, hardware reverse engineering, customized test rigs, capability development, and CNO support for both government and commercial customers. Our vision is to be the premier cyber vulnerability research and red team outfit in the nation.
We are a small, new company embracing what we believe to be the best and most efficient ways of working in the modern era of cybersecurity. That means freedom and flexibility but also responsibility. If you are self-motivated, battle tested, and driven to understand a system so you can exploit it, then we encourage you to apply. We are looking for experts and excellent human beings we want to work with for a long time, and are willing to explore equity options for applicants so that the best come, stay, and hack together.
The Role
You are applying for the role of Senior Firmware Reverse Engineer, CNO. The role is a technical individual performer with lots of room for advancement to building teams, leading teams, and running the company as Legion X grows (if that is what you desire, there is no requirement to ever move to management). A Senior Reverse Engineer, CNO is an experienced firmware reverse engineer who can analyze functionality of a binary with little to no help or outside input. You will be expected to receive and execute tasks from engineering supervisors, analyze binary files that use a variety processor architectures (e.g. x86, ARM, PowerPC, etc.), use popular reverse engineering tools like Ghidra/IdaPro/etc., identify vulnerabilities in reverse engineered code (e.g. buffer overflows, weak protocol implementation, etc.), communicate the details of those vulnerabilities verbally and in writing, build proof-of-concept demonstrations of the vulnerabilities, and employ best practice techniques per customer requirements. You will be focused on firmware found in operational technology platforms like drones, planes, industrial facilities, cars, ships, and even weapon systems. For this position, you must be a US citizen who is TOP SECRET clearance eligible.
In practical terms, if we gave you a computerized component of a car and a copy of the firmware binary running on it, could you identify and technically describe its cyber vulnerabilities? Could you build a tool that demonstrates one of those vulnerabilities?
Application Requirements
Before you apply, make sure you meet these requirements or you will be rejected:
US Citizen with TOP SECRET clearance eligibility
Experience and skillset aligned with the role (firmware reverse engineering experience and skills; cyber vulnerability research skills; protocol analysis skills; communication skills; self-motivation and drive; clear interest in the work)
We do not have Certification or Degree requirements for this position -- your skill alone sets you apart
Willingness to do at least one oral technical interview (1 hour long) over a virtual conferencing solution (like Zoom) in the period of 9am - 6pm Eastern. We can possibly accommodate other times if you ask.
There are also preferred skills and attributes that will strengthen your application:
C/C++ programming experience
CNO experience
Hands-on hardware experience
RF experience
Firmware programming experience
Willingness to work on-site for short periods (1-3 days) at various customer sites around the Northern Virginia/DC/Maryland region.
Understand that the best applicants will be both strong technical and strong cultural fits.