Senior Security Software Research Engineer

L3Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do. L3Harris is the Trusted Disruptor in defence tech. With customers’ mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security.

Responsibilities:

• Finding vulnerabilities in ubiquitous Internet-deployed software and/or popular devices’ software or firmware.
• Constructing exploits for vulnerabilities discovered by yourself or your team.
• Guiding the team’s technical outcomes to measurable deliverables for the organisation.
• Training, management and provision of guidance to all levels of team members.
• Regular interaction with managers and customer-facing staff members to field queries and questions about technical work.
• Take an active role in cross-team projects when required.

Qualifications:

• 3+ years of Vulnerability Research, reverse engineering, and bug-hunting.
• Experience with static and dynamic binary analysis.
• Experience with iOS, Android, Windows, Linux, or embedded systems kernel, user land, and internals or browser internals.
• Experience with common tools in security research (e.g. IdaPro, Ghidra, Radare, Binary Ninja, AFL, SysInternals, GDB, WinDBG, etc).
• Experience with common programming languages (e.g. C/C++, Python, Swift, etc).
• Experience with common architectures (e.g. x86/64, ARM, AARCH64, MIPS, PowerPC, TILEGX, etc).
• Experience with modern security system features, exploit mitigations, and evasion techniques (e.g. defeating ASLR, DEP, Control Flow Guard, ROP, Security Product/AV Evasion, etc).
• Experience with a wide-range of modern exploitation concepts and techniques.

Preferred Additional Skills:

• Experience with Computer Network Operations / Computer Network Exploitation.
• Experience with symbolic execution and emulation software (e.g. QEMU, Corellium, VHDL, etc).
• Cryptographic experience (e.g. side-channel attacks, implementing AES, etc).
• Experience teaching and mentoring junior vulnerability researchers.
• Bespoke fuzzer development experience.

Employee Benefits:

• Bonus scheme
• 25 days holiday per year (plus bank holidays), increasing with long service and with the opportunity to buy/sell up to 5 days
• Private medical insurance with optional family cover
• Pension scheme of up to 8% employer contribution
• Life Assurance 4x salary (flexible up to 10x)
• Group income protection
• Flexible opt-in extras such as a health care cash plan, dental insurance, gym membership, critical illness cover, cycle to work scheme, travel insurance and electric car scheme
• Employee Family Assistance Program providing mental health and wellbeing support

Important to know:

Due to the nature of our work some of our roles require a UK nationality and the ability to obtain a security clearance. Applicants who accept a conditional offer of employment must meet the requirement of right to work in the UK and must meet eligibility requirements for access to classified information and will be subject to government security checks. L3Harris Technologies is proud to be an Equal Opportunity Employer. We are committed to maintaining a workplace that is free from unlawful discrimination and offers equal opportunities for all. Applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief, and marriage and civil partnerships.