Embedded Security Research Engineer with Security Clearance

Galois, Inc. is a sister company of ExistX. This job posting is for an opportunity directly with Galois. Learn more at and About the Role Galois is hiring an embedded security research engineer to join our team. This role will focus on improving the state-of-the-art for embedded security and exploit development techniques. You will use your practical and theoretical knowledge of embedded security, formal techniques, and math to conduct research into securing embedded platforms and create new tools and methodologies to assure high levels of security. Responsibilities
As an Embedded Security Research Engineer, you will have the following responsibilities: Requirements gathering: engaging clients in a series of discussions to iteratively refine their technical needs and jointly imagine innovative concepts to meet those needs. Architecture and design: building high-level architectural descriptions of software systems and refining them into program designs by creating architecture prototypes. Architectures must be designed with assurance in mind, determining where and how formal methods are to be applied. Implementation: extending design prototypes to a finished product, with care taken to ensure robustness and ease of use. Formal verification: use mechanical reasoning tools such as theorem provers and model checkers to demonstrate or analyze desired security and correctness properties of systems. Testing and validation: constructing and regularly conducting system, unit, and regression tests, as well as conducting semi-formal validation and verification. Technology research and development: conducting speculative research and development of cutting-edge technology and incorporating that technology in product prototypes. Technical infrastructure development: developing (designing, implementing, and maintaining) tools for use within Galois, as well as developing library code to be shared among projects. Key Qualifications Education:
A minimum of a Bachelor's degree in electrical engineering, computer engineering, computer science, mathematics, or equivalent is required. Required Technical Expertise: Background in cybersecurity exploitation (binary analysis, vulnerability discovery, hardware reverse engineering)
Basic knowledge of hardware engineering languages and platforms Familiarity with diverse formal methods, such as model checking, theorem proving, and program analysis, and demonstrated expertise in at least one such area.
Fluency in one or more programming languages, particularly for developing high-assurance systems and/or security products. Required General Skills: Must work well with customers, including building rapport, identifying needs, and communicating with strong written, verbal, and presentation skills. Must be highly motivated and able to self-manage deadlines and quality goals. Preference will be given to candidates with one or more of the following technical expertise: Side channel analysis and anti-tamper research and/or industry experience
Familiarity with cryptography application and theory Security and Citizenship Requirement
The candidate must be a U.S. citizen without close and continuing foreign contacts. Candidates must have and retain a TS clearance and be SAP / SCI eligible. The candidate must not require a U.S. government export license to authorize access to export-controlled technology and software required to perform this role. Location
This role requires working in person from our Dayton, OH, office, and client sites in the surrounding area. Benefits
We offer a robust benefits package to provide for your and your family's well-being, including: Employee Stock Ownership Plan (ESOP)
401(k) retirement plan with 5% employer match and immediate vesting
Fully paid medical insurance plans and dental and vision reimbursement plan
Health Savings Account (HSA) with generous employer contributions
Mental health and wellbeing support through our employee assistance program
5 weeks of paid time off and 9 days of paid company holidays each year
16 weeks of fully paid parental leave (available for birth, adoption, and fostering)
1 week of fully paid "Blue Sky" innovation time each year to pursue your interests
For more information on our benefits, visit . Compensation
Compensation is based on the value of your results, not your value as an employee or person. The compensation process, individual salaries, and criteria for salary changes are transparent to the entire company. For more information about our forward-looking and transparent approach to pay, visit . Equal Employment Opportunity
Galois is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race, ethnicity, national origin, ancestry, color, sex, gender identity or expression, sexual orientation, marital or parental status, pregnancy or childbirth, disability, age, religion, creed, genetic information, veteran status, or any other characteristic protected by applicable federal, state, or local law. We encourage and respect different viewpoints and experiences as being essential to the process of innovation. We strive to acquire, grow, and maintain a diverse and inclusive workplace that applies principles and standards equitably while supporting the needs and accommodations of the individual employee. Consistent with the Americans with Disabilities Act (ADA) and federal and state laws, it is the policy of Galois, Inc. to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. If you require reasonable accommodation in completing the employment application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please contact .