Join our Team
Become Part of the Cyber War
Our mission is simple: be better than the bad guys. This drive pushes us to push ourselves and unifies us to form a diverse community of security experts. We always ask questions, we always question why, we will push the envelope and have fun doing it.
Cybersecurity is Cyber-People
We believe that no amount of policy, procedure, action plans, best practices, scripts, and technology can replace the keystone of cybersecurity: people. And for us people are our secret weapon. Our culture strives to grow your career and profession because at the end of the day we are all on the same team. Flexible schedules, hot-sauce contests, and a fair amount of beer and coffee are to be expected.
Embedded Systems Security Researcher/Penetration Tester
Location: Redstone Arsenal Huntsville, AL
Schedule: Full Time
Clearance: Top Secret
What you'll do:
Xyston is looking for someone who will provide reverse engineering, static and dynamic binary analysis, and vulnerability analysis of software on a variety of different platforms and operating systems. Additionally, he or she will need to write proof-of-concept exploits that simulate adversarial capabilities against systems, and author technical documentation of research or findings as it relates to all security mechanisms such as access control, encryption, and obfuscation.
The Embedded Systems Security Researcher/Penetration Tester will perform advanced level security evaluation tasks and duties in order to meet customer requirements and project deadlines.
Develop sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded products
Create tools to assist in project goals
Communicate complex vulnerabilities to both technical and non-technical client staff
Perform research on new attack vectors, discover new vulnerabilities, create new exploitation techniques
Create Proof of Concepts (PoC) exploits and documentation
What we want:
BA/BS in STEM related field
3+ Years of C/C++ or Assembly Experience
Experience with ARM or MIPS architectures and processors
Experience with hardware debugging or interface methods including USB, SPI, JTAG, UART, or I2C
Experience with reverse engineering/debugging software using tools such as IDA Pro, gbd, adb, or Ghidra
Experience with languages such as Golang, Python, bash, etc
Experience in “bare metal” or driver development
Experience with Logic Analyzers, Software Defined Radios, Hardware Communications devices(Bus Pirate, etc..)
Relevant certifications such as PenTest+, Offensive Certified Security Professional (OSCP), Offensive Certified Security Expert (OSCE), Software Linux Assembly Expert (SLAE)
Soldering skills to remove flash chips and solder test leads
Knowledge of Linux and Real Time Operating Systems
Knowledge of security-related topics, such as authentication, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, and so forth is expected.
Xyston, Inc. is committed to hiring and retaining a diverse workforce. Xyston does not discriminate on the basis of race, color, religion, creed, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. US Citizenship is required for this position.