Critical Infrastructure Cyber Security Researcher - CIPHER

Critical Infrastructure Cyber Security Researcher - CIPHER

Submit Resume ID: 498025 Type: Researchers Location: Atlanta, GA Categories: Cybersecurity, Embedded Systems

Project/Unit Description

GTRI is searching for a Critical Infrastructure Cybersecurity Researcher to work in the Embedded Cyber Techniques (ECT) Branch within the Embedded System Vulnerability Division (ESVD) in the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Lab. ESVD is skilled in reverse engineering, vulnerability discovery, and forensics analysis of embedded systems. The team is expert in vulnerability discovery and the development and demonstration of RF and network-based techniques to gain unauthorized access to and/or exploit various types of information networks. These efforts identify weaknesses and help ensure that mitigations are effective. The Division specializes in wireless and embedded devices such as radios, modems, routers and embedded controllers comprising various military and Industrial Control System (ICS) networks. The ECT Branch focuses specifically on the security of Critical Infrastructure and Industrial Control System (ICS) networks. The Branch has developed sophisticated intrusion detection systems (IDS) to improve the cyber resilience of energy delivery systems, is analyzing vulnerabilities associated with autonomous energy grids, and builds hardware-in-the-loop and real-time simulation testbeds. Projects are conducted in a small team environment, leveraging expertise from within Georgia Tech and GTRI to successfully execute cutting-edge research efforts.

Job Purpose

GTRI is seeking a highly motivated individual with experience and interest in critical infrastructure cybersecurity to support vulnerability assessment of software and/or firmware of embedded systems. The candidate will perform analysis of software/firmware from embedded and PC-based systems for identification of system technical capabilities and potential vulnerabilities. The following skills/experience are highly desired: experience with a variety of microprocessor architectures and programmable logic devices, software reverse engineering, knowledge of typical encryption and authentication schemes, networking protocols, embedded/real-time operating systems, and embedded system programming.

Key Responsibilities

Static and dynamic analysis of software/firmware

Development of software analysis tools to assist in the reverse engineering process

Development and use of virtual and emulation environments for executing software under test

The primary author of technical reports/presentations for projects of low/moderate complexity. Compile report input from other researchers and prepare final report deliverables.

Additional Responsibilities

Develop parsers and test frameworks for ICS networks and devices

Develop novel tools and techniques to improve the resilience and cybersecurity of critical infrastructure systems

Reverse Engineer proprietary ICS-specific protocols

Develop white papers and proposals for projects for all of the above, preferably with prior experience on contracting specifics for both Dept of Defense and Dept of Energy

Required Minimum Qualifications

3+ years software reverse engineering experience using disassemblers such as IdaPro, Ghidra or other tools

Preferred Qualifications

Active Top Secret Clearance

The ability to clearly present complicated technical concepts to a wide range of audiences

Experience working on critical infrastructure security research programs for a national lab or for sponsors such as the Department of Energy (DOE)

GICSP certification

Familiarity with embedded devices commonly used in at least one Critical Infrastructure Domain, such as PLCs, RTUs and SISs.

Familiarity with industrial control system protocols (e.g., Modbus, IEC 61850, DNP3, OPC, BACnet) and network analysis tools (e.g., Wireshark or Zeek)

Experience with modeling and simulation of industrial processes

Experience leading small engineering teams.

Experience with capture the flag events.

Strong programming skills with experience with one or more programming language.

Travel Requirements

10% - 25% travel

Education and Length of Experience

This position vacancy is an open-rank announcement. The final job offer will be dependent on candidate qualifications in alignment with Research Faculty Extension Professional ranks as outlined in section 3.2.1 of the Georgia Tech Faculty Handbook

5 years of related experience with a Bachelor's degree in Computer engineering, computer science, electrical engineering or related field

3 years of related experience with a Masters' degree in Computer engineering, computer science, electrical engineering or related field

0 years of related experience with a Ph.D. in Computer engineering, computer science, electrical engineering or related field

U.S. Citizenship Requirements

Due to our research contracts with the U.S. federal government, candidates for this position must be U.S. Citizens.

Clearance Type Required

Candidates must be able to obtain and maintain an active security clearance.

Benefits at GTRI

Comprehensive information on currently offered GTRI benefits, including Health & Welfare, Retirement Plans, Tuition Reimbursement, Time Off, and Professional Development, can be found through this link: https: // hr.gatech.edu/benefits

Diversity & Inclusion

Diversity & Inclusion (D&I) at Georgia Tech Research Institute aims to enhance the Institute's mission of solving the world's most complex technical problems by creating a workforce with a shared appreciation for diversity, raising awareness around inclusiveness, and fostering a sense of belonging and appreciation for all members of our community.

Equal Employment Opportunity

Georgia Tech Research Institute is an Equal Opportunity Employer of individuals with disabilities and protected veterans and actively seeks diversity among its employees. Equal Employment Opportunity is the Law.

Posted: 02/14/2023 Closes: 05/15/2023