Join our Team

CAREERS

Become Part of the Cyber War

Our mission is simple: be better than the bad guys. This drive pushes us to push ourselves and unifies us to form a diverse community of security experts. We always ask questions, we always question why, we will push the envelope and have fun doing it.

Cybersecurity is Cyber-People

We believe that no amount of policy, procedure, action plans, best practices, scripts, and technology can replace the keystone of cybersecurity: people. And for us people are our secret weapon. Our culture strives to grow your career and profession because at the end of the day we are all on the same team. Flexible schedules, hot-sauce contests, and a fair amount of beer and coffee are to be expected. 

Embedded Systems Security Researcher/Penetration Tester

Location: Redstone Arsenal Huntsville, AL

Schedule: Full Time

Clearance: Top Secret

Travel: None

What you'll do:

Xyston is looking for someone who will provide reverse engineering, static and dynamic binary analysis, and vulnerability analysis of software on a variety of different platforms and operating systems. Additionally, he or she will need to write proof-of-concept exploits that simulate adversarial capabilities against systems, and author technical documentation of research or findings as it relates to all security mechanisms such as access control, encryption, and obfuscation.

 

The Embedded Systems Security Researcher/Penetration Tester will perform advanced level security evaluation tasks and duties in order to meet customer requirements and project deadlines.

Duties include:

  • Develop sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded products

  • Create tools to assist in project goals

  • Communicate complex vulnerabilities to both technical and non-technical client staff

  • Perform research on new attack vectors, discover new vulnerabilities, create new exploitation techniques

  • Create Proof of Concepts (PoC) exploits and documentation

What we want:

  • BA/BS in STEM related field

  • 3+ Years of C/C++ or Assembly Experience

  • Experience with ARM or MIPS architectures and processors

  • Experience with hardware debugging or interface methods including USB, SPI, JTAG, UART, or I2C

  • Experience with reverse engineering/debugging software using tools such as IDA Pro, gbd, adb, or Ghidra

  • Experience with languages such as Golang, Python, bash, etc

  • Experience in “bare metal” or driver development

  • Experience with Logic Analyzers, Software Defined Radios, Hardware Communications devices(Bus Pirate, etc..)

  • Relevant certifications such as PenTest+, Offensive Certified Security Professional (OSCP), Offensive Certified Security Expert (OSCE), Software Linux Assembly Expert (SLAE)

  • Soldering skills to remove flash chips and solder test leads

  • Knowledge of Linux and Real Time Operating Systems

 

Knowledge of security-related topics, such as authentication, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, and so forth is expected.

 

Xyston, Inc. is committed to hiring and retaining a diverse workforce. Xyston does not discriminate on the basis of race, color, religion, creed, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. US Citizenship is required for this position.