Software Reverse Engineer

Overview:
We are seeking a highly skilled and experienced Senior Software Reverse Engineer to join our SCAR Team. In this role, you will perform in-depth analysis of software, firmware, and hardware systems to uncover their true functionality, identify vulnerabilities, and understand their operational context. This position requires a holistic approach, combining dynamic system analysis, static binary reverse engineering, and document exploitation to reveal not just what a system does, but why and how it supports its mission objectives.

Key Responsibilities:

System Analysis: Conduct comprehensive analysis of compiled software and binaries. Employ forensic techniques to extract critical artifacts, understand system architecture, and identify key software components.
• Dynamic System & Environment Analysis: Utilize virtualization and sandboxing environments (VMware, KVM/QEMU) to run and observe software in its native operating environment. Perform system call tracing, network monitoring, and file system analysis to reveal real-time behaviors and interactions.
• Live Debugging and Analysis: Perform live, on-system debugging using tools like the GNU Debugger (GDB) to step through code execution in real-time. Correlate dynamic findings directly with static analysis from Ghidra to validate assumptions, understand complex logic, and uncover obfuscated functionality.
• Static Reverse Engineering: Use advanced reverse engineering tools, with a focus on Ghidra, to decompile and disassemble software. Analyze code paths, extract indicators, and uncover hidden or malicious logic that is not apparent through dynamic analysis alone.
• CONOPS and Document Exploitation (DOCEX): Collaborate with analysts to integrate findings from system and operational documents. Use this context to understand the system's Concept of Operations (CONOPS), providing significance and priority to exploitation efforts.
• Vulnerability and Capability Research: Investigate and identify vulnerabilities, undocumented features, and novel capabilities within the target system. Develop proof-of-concept exploits and assess their potential impact on operational dependencies. Model and Simulate specific features and functions to understand how the software was developed, compiled, and deployed.
• Tool Chain Mastery: Employ a specialized toolchain for analysis, including disk imagers, virtual machine managers, network scanners, and debuggers to perform end-to-end exploitation.
• Mentorship: Mentor junior engineers in specific SWRE methodologies, tools, and techniques.

Required Qualifications:

• Bachelor's degree in Computer Science, Software Engineering, Information Security, or a related field (or equivalent experience) with 8+ years of relevant experience; OR Masters's degree in Computer Science, Software Engineering, Information Security, or a related field (or equivalent experience) with 6+ years of relevant experience; OR PhD in Computer Science, Software Engineering, Information Security, or a related field (or equivalent experience) with 3+ years of relevant experience .
• Minimum of 3+ years of relevant experience in software reverse engineering, with a preference for experience in materiel exploitation, malware analysis, or vulnerability research.
• Proven experience with virtualization platforms (VMware Workstation, KVM/QEMU) for dynamic analysis, sandboxing, and system emulation.
• Hands-on experience with forensic disk image analysis using tools like Autopsy and guestfish to mount, modify, and extract artifacts from raw disk images.
• Expertise in the SWRE toolchain, including Ghidra, GDB, Wireshark, MobaXterm, NMAP, and the Linux binutils suite (e.g., readelf, strace, ltrace, ldd).
• Demonstrated ability to perform live debugging of complex applications using GDB, including setting breakpoints, inspecting memory, and analyzing program state to support reverse engineering efforts.
• Deep expertise in Linux/Unix environments, including system administration, network configuration, SSH key management (ssh-keygen, virt-customize), and advanced command-line tools.
• Strong knowledge of low-level programming (C, C++, Assembly) and experience with scripting languages like Python.
• Strong understanding of operating system internals, x86/x64 assembly, and CPU architecture.
• Experience with network analysis (Wireshark, nmap) to baseline system behavior and identify communication protocols.
• Experience handling non-standard system configurations, including foreign language character sets and legacy hardware emulation.
• A solid understanding of common security practices and the ability to identify security flaws in software architecture.
• TS/SCI with ability to obtain a poly

This position is located on-site in Huntsville, AL

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.