255 Security Research jobs in the United States

PALO ALTO NETWORKS is the fastest-growing company in Silicon Valley and a four-time Gartner Group Magic Quadrant winner for innovation and the ability to execute. Palo Alto Networks has been named a “best place to work” by the Silicon Valley Business Journal. Our game-changing security platform brings together all key network security functions, including advanced threat protection, firewall, IDS/IPS, and URL filtering. A fun and dynamic culture, we offer unprecedented career and financial growth potential, along with the chance to be part of the very important mission: to prevent cyber breaches and protect our digital way of life. JOB DUTIES As a member of the Security Research Team, you will work with researchers on implementing different projects that detect and defend against various emerging threats in areas including Web security and Network security. You will be a key person in transforming ideas into products which are part of the next generation security platform. The Security Research Team is responsible for innovating new security techniques. RESPONSIBILITIES: Build threat research systems for both internal tools and customer-facing products. Write design documents, SW development guidelines, and best practices. Work closely with team members and PMs to gather requirements, design, implement, and release. Work with QA and DevOps on release/deployment. Proven problem-solving and interpersonal communication skills. QUALIFICATIONS: Creative thinker and team player, with good communication skills and desire to make a difference. 3+ years of experience as a Java Developer in distributed systems. Ability to design and deploy component, regression, and integration tests. Familiar with Microservice architecture, proficient in MongoDB, MySQL, Hadoop, HBase, and Cassandra. Experience in designing and tuning high-performance systems. Experience with Big Data and streaming tools, Kafka, and RabbitMQ. Experience with container-based development (Docker, Kubernetes). Knowledge of web crawlers, machine learning, and web content classification. Hands-on and can-do attitude. EDUCATION/QUALIFICATION: BS/MS in Computer Science or Computer Engineering. Learn more about Palo Alto Networks HERE and check out our FAST FACTS . #J-18808-Ljbffr

AWS Cloud Security Research Engineer

CACI is seeking an AWS Research Engineer to be at the forefront of cloud security innovation! In this role, you will explore cutting-edge AWS security features, develop best practices, and shape the future of secure cloud migrations in highly regulated environments. Your research will directly impact critical government projects and drive the evolution of cloud security. This exciting role offers the chance to make a significant impact on cloud security practices in critical government environments. Join our team of innovators and help shape the future of secure cloud computing!

Responsibilities:

• Research and analyze AWS service security features and architectures

• Develop security best practices and configurations for data protection in regulated environments

• Create detailed guidance for system developers migrating to the cloud

• Collaborate with security, compliance, and development teams to formulate specialized cloud migration strategies

• Assist in developing cloud-based solutions compliant with government security requirements (e.g., NIST SP 800-53)

• Meet regularly with Government Task Lead to discuss deliverables and expectations

Qualifications:

Required:

• Active TS/SCI clearance with Polygraph

• 2+ years of AWS Cloud experience

• 8+ years of technology research experience, including cyberspace vulnerability evaluation and network analysis

• 2+ years of experience with IA Products and/or Key Management Solutions

• 2 years of Intelligence Community experience in network and vulnerability analysis

• Cloud architecture and design experience in any cloud environment

• DoD 8570-M IAT Level 1 certification

• Bachelor's degree in a relevant field

• Ability to work autonomously

Desired:

• Technical writing experience with a security focus

• Strong written and verbal communication skills

• Understanding of Attribute Based Access Control (ABAC) requirements and services

• AWS certifications

___

What You Can Expect:

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, youll be part of a high-performing group dedicated to our customers missions and driven by a higher purpose to ensure the safety of our nation.

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. Youll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground in your career and in our legacy.

Your potential is limitless. So is ours.

Learn more about CACI here.

___

Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn morehere.

The proposed salary range for this position is:

CACI is seeking an AWS Research Engineer to be at the forefront of cloud security innovation! In this role, you will explore cutting-edge AWS security features, develop best practices, and shape the future of secure cloud migrations in highly regulated environments. Your research will directly impact critical government projects and drive the evolution of cloud security. This exciting role offers the chance to make a significant impact on cloud security practices in critical government environments. Join our team of innovators and help shape the future of secure cloud computing!

Responsibilities:

• Research and analyze AWS service security features and architectures
• Develop security best practices and configurations for data protection in regulated environments
• Create detailed guidance for system developers migrating to the cloud
• Collaborate with security, compliance, and development teams to formulate specialized cloud migration strategies
• Assist in developing cloud-based solutions compliant with government security requirements (e.g., NIST SP 800-53)
• Meet regularly with Government Task Lead to discuss deliverables and expectations

Qualifications:

Required:

• Active TS/SCI clearance with Polygraph
• 2+ years of AWS Cloud experience
• 8+ years of technology research experience, including cyberspace vulnerability evaluation and network analysis
• 2+ years of experience with IA Products and/or Key Management Solutions
• 2 years of Intelligence Community experience in network and vulnerability analysis
• Cloud architecture and design experience in any cloud environment
• DoD 8570-M IAT Level 1 certification
• Bachelor's degree in a relevant field
• Ability to work autonomously

Desired:

• Technical writing experience with a security focus
• Strong written and verbal communication skills
• Understanding of Attribute Based Access Control (ABAC) requirements and services
• AWS certifications

What You Can Expect:

A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy. Your potential is limitless. So is ours. Learn more about CACI here.

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here. The proposed salary range for this position is: $79,400 - $162,700 CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

OverviewSecurity represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.We are seeking an innovative Security-Focused AI Engineer specializing in graph technologies to join our team. The successful candidate will leverage AI-driven graph analytics to detect, analyze, and mitigate cybersecurity threats. You will build intelligent systems to enhance our security posture by applying cutting-edge graph theory, graph databases, and machine learning methods.Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.
ResponsibilitiesBringing the State of the Art to Products Establishes collaborative relationships with relevant product and business groups inside or outside of Microsoft and provides expertise or technology to create business impact. Takes initiative and drives activities such as technology transfers attempts, standards organizations, filing patents, authoring white papers, developing or maintaining tools/services for internal Microsoft use, or consulting for product or business groups. May publish research to promote receiving new intellectual property for business impact. Brings new technology and approaches into production by applying long-term research efforts to solve immediate product needs. Collaborates with and bridges the gap between researchers (in community across the company, Microsoft Research (MSR), or in their own organizations) and development teams. Begins to negotiate across teams to ensure cutting edge technology is being applied to products in a practical way that meets key business objectives. Develops an understanding of research approaches used across a group or organization to leverage (and not re-invent) solutions. Independently works to create product impact. Identifies approach, and applies, improves, or creates a research-backed solution (e.g., novel, data driven, scalable, extendable) to positively impact a Microsoft product or service. Designs an approach to solve significant business problems shared by a senior team member. May publish research to promote receiving new intellectual property for product impact. Leveraging Applied Research Masters one or more subareas (e.g., Object Recognition, Text Classification) and gains expertise in a broad area of research (e.g., Machine Learning, Natural Language Processing, Computer Vision, Statistical Modeling, Data-Driven Insights. Understands the corresponding literature and applicable research techniques. Uses expertise to identify the right technique to use when examining a problem. Serves as an expert within product domain. Gains deep knowledge in a complex or highly ambiguous service, platform, or domain. Shares knowledge of changes in industry trends and advances in applied technologies with engineers and product teams to apply advanced concepts to identify product needs and drive action toward solutions. Fosters audience for the product based on understanding of the industry. Reviews business and product requirements and incorporates state-of-the-art research or previously tested solutions occurring at Microsoft and the academic field to formulate plans that will meet business goals. Identifies problems and develops strategy to resolve team or feature level problems. Provides strategic direction for the kinds of data used to solve problems. Researches and develops an understanding of tools, technologies, and methods being used in the community that can be utilized to improve product quality, performance, or efficiency. Applies deep subject matter expert knowledge around several specialized tools/methods to support business impact. Capability Management and Networking Provides mentorship by participating in onboarding to less experienced team members (e.g., interns, research associates) and guiding less experienced team members in processes, scenarios, projects, and their careers, and provides guidance around best practices and standards. Assists in developing academics to be members of multi-discipline teams. Identifies and inspires peers and new research talent to join Microsoft. Participates in candidate screening and interviewing and forms job descriptions for attracting new talent. May share research findings through publications or industry outreach. Collaborates with the academic community to develop the recruiting pipeline, identify cutting-edge solutions for products, and establish awareness of their work. Documentation Performs documentation of work in progress, experimentation results, plans, etc. Documents scientific work to ensure process is captured. Creates informal documentation and may share findings to promote innovation within group or with other groups. Ethics and Privacy Uses deep understanding of fairness and bias. May contribute to ethics and privacy policies related to research processes and/or data/information collection by providing updates and suggestions around internal best practices. Seeks to identify potential bias in the development of products. Specialty Responsibilities Leverages data analysis knowledge to clean, transform, analyze, integrate, and organize data to the level required by the analysis techniques selected. Develops useable datasets for modeling purposes. Scales the feature ideation and data preparation. Takes cleaned or raw data and adapts data that for machine learning purposes. Uses understanding of which features are important that come out of the model and identifies the optimal features. Identifies gaps in current datasets and drives onboarding of new datasets. Works with team to optimize signal system design. Mentors and coaches less experienced members in data cleaning and analysis best practices. Identifies gaps in current datasets and drives onboarding of new datasets (e.g., bringing on third-party datasets). Attempts to fix bugs in data to inform developers how to improve the products. Ensures representative data to honor problem definition and ethics.* Leverages or designs and uses machine learning/data extraction, transformation, and loading (ETL) pipelines (e.g., data collection, cleaning) based on data prepared and guides team to do so. Influences the direction of the team. Establishes the pipeline so that the team can conduct all of their experiments and data processing. Provides guidance to less experienced team members. Uses data pipelines for training, as well as for shipping models which should execute correctly.* Collaborates with others and helps lead others to leverage data to identify pockets of opportunity to create state-of-the-art algorithms to improve a solution to a business problem. Consistently leverages knowledge of techniques to optimal analysis using algorithms. Identifies opportunity areas regarding new statistical analyses and drives solutions. Uses statistical analysis tools or modifies existing tools for evaluating Machine Learning models and validates assumptions about the data while also reviewing consistency against other sources. Runs basic descriptive, diagnostic, predictive, and prescriptive statistics. Represents the team's insights. Characterizes the customer's problem through metrics to measure the quality of machine learning systems. Calibrates metrics to support decision making for data (e.g., gaining awareness of ideal metrics and use of metrics).* Identifies possible machine learning formulations that map to the problem and selects the formulation that gives the optimal outcome (e.g., predicting the actual age or age group). Leverages state-of-the-art algorithms that structures, analyzes, and uses data in products and platforms to train algorithms scalable for artificial intelligence solutions before deploying. Uses familiarity of machine learning frameworks (e.g., uses open source libraries) to train algorithms. Collaborates and helps less experienced team members through process.* Helps address scalability problems by adjusting to stakeholder needs. Works with large-scale computing frameworks, data analysis systems, and modeling environments to improve models. Applies the model to real products, and then verifies effects through iterations. Experiments by putting multiple models in production and evaluating their performance. Mentors less experienced team members through modeling processes. Continues to monitor how algorithm performs against expected behaviors and performance or accuracy guardrails. Monitors over time for input and output data that there are changes over time. Uses system to run analyses on an ongoing basis such as by comparing predicted value with actual value. Addresses models that break during production (e.g., due to input streams changing).* Other Embody our culture and values

The Riverside Research Engineering and Support Solutions (ESS) directorate conducts Research and Development (R&D) of cyber-physical attacks against embedded systems. As a Senior Cyber Security Research Engineer,you will collaborate with a multi-disciplinary team of research engineers and scientists on a range of microelectronics research projects. You'll work directly with a team of embedded system security research subject matter experts (SME), the senior Principal Investigator, and Program Manager to support various project-specific research scope and deliverables providing value to our customers. The position is in Beavercreek OH and requires a security clearance. Remote work is not available for this position. Travel is not expected to exceed two to four times a year.

All Riverside Research opportunities require US citizenship.

Job Responsibilities

Perform reverse engineering and other cyber attacks against microelectronic devices

• Develop software to run in user-mode or kernel-mode

• Studies and reports over software-based threats to embedded systems published in scientific journals, hacking blogs, and presentations at conferences

• Documents findings in technical reports and presentations

• Collaborates with hardware security researchers

• Provide technical mentorship for junior researchers, in area of expertise

• Work with Project Manager and Principal Investigator to plan, and execute technical resource application to project; manage and communicate deliverable status and timelines.

Required Qualifications

• Bachelor's degree in Computer Engineering, Computer Science or related technical area with 8 years relevant experience, or a related technical Master's degree with 5 years relevant experience, or a PhD in a related field with 3 years relevant experience

• Secret clearance required to start, but must be able obtain Top Secret security clearance and all required program access approvals

• Extensive experience reverse engineering operating systems like embedded Linux (e.g. PetaLinux, Yocto, Buildroot), RTOS (e.g. VxWorks, Integrity), and bare-metal systems (e.g. firmware)

• Experience with a disassembler for vulnerability research (Ghidra, IDA Pro, BinaryNinja)

• Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)

• Experience with debuggers like (WinDbg, HyperDbg, GDB/KGDB/KDB, TRACE32, and OpenOCD)

• Strong familiarity with published vulnerability databases (CVE, CWE, etc.)

• Experience with embedded processors (RISC-V, ARM, MicroBlaze, Nios, etc.)

• Experience with using simulation/emulation, and hardware-in-the-loop (HIL) to assist with debugging and reverse engineering

• Experience presenting technical material to both technical and non-technical audiences

• Willing to work in a secure US Government facility

• Interest in solving open-ended research challenges

Desired Qualifications

• Active DoD Top Secret (TS) or equivalent US Government security clearance

• Familiarity with hardware security attacks, hardware development, or side-channel analysis

• Experience leading small project teams, or leading software development

• Embedded software development experience

• Familiarity with compiled languages like C/C++ and Rust

• Knowledge of formal analysis, static analysis, or other software cyber research areas

• Python (preferred) or other scripting experience

• Previous experience working in a secure US Government facility is desired
• Bachelor's degree in Computer Engineering, Computer Science or related technical area with 12 years relevant experience, or a related technical Master's degree with 8 years relevant experience, or a PhD in a related field with 5 years relevant experience

• Perform reverse engineering and other cyber attacks against microelectronic devices

• Develop software to run in user-mode or kernel-mode

• Studies and reports over software-based threats to embedded systems published in scientific journals, hacking blogs, and presentations at conferences

• Documents findings in technical reports and presentations

• Collaborates with hardware security researchers

• Provide technical mentorship for junior researchers, in area of expertise

• Work with Project Manager and Principal Investigator to plan, and execute technical resource application to project; manage and communicate deliverable status and timelines.

• Bachelor's degree in Computer Engineering, Computer Science or related technical area with 8 years relevant experience, or a related technical Master's degree with 5 years relevant experience, or a PhD in a related field with 3 years relevant experience

• Secret clearance required to start, but must be able obtain Top Secret security clearance and all required program access approvals

• Extensive experience reverse engineering operating systems like embedded Linux (e.g. PetaLinux, Yocto, Buildroot), RTOS (e.g. VxWorks, Integrity), and bare-metal systems (e.g. firmware)

• Experience with a disassembler for vulnerability research (Ghidra, IDA Pro, BinaryNinja)

• Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)

• Experience with debuggers like (WinDbg, HyperDbg, GDB/KGDB/KDB, TRACE32, and OpenOCD)

• Strong familiarity with published vulnerability databases (CVE, CWE, etc.)

• Experience with embedded processors (RISC-V, ARM, MicroBlaze, Nios, etc.)

• Experience with using simulation/emulation, and hardware-in-the-loop (HIL) to assist with debugging and reverse engineering

• Experience presenting technical material to both technical and non-technical audiences

• Willing to work in a secure US Government facility

• Interest in solving open-ended research challenges

• Active DoD Top Secret (TS) or equivalent US Government security clearance

• Familiarity with hardware security attacks, hardware development, or side-channel analysis

• Experience leading small project teams, or leading software development

• Embedded software development experience

• Familiarity with compiled languages like C/C++ and Rust

• Knowledge of formal analysis, static analysis, or other software cyber research areas

• Python (preferred) or other scripting experience

• Previous experience working in a secure US Government facility is desired
• Bachelor's degree in Computer Engineering, Computer Science or related technical area with 12 years relevant experience, or a related technical Master's degree with 8 years relevant experience, or a PhD in a related field with 5 years relevant experience

Riverside Research is an independent National Security Nonprofit dedicated to research and development in the national interest. We provide high-end technical services, research and development, and prototype solutions to some of the country's most challenging technical problems. All Riverside Research opportunities require U.S. Citizenship.

The Riverside Research Engineering and Support Solutions (ESS) directorate conducts Research and Development (R&D) of cyber-physical attacks against embedded systems. As a Senior Cyber Security Research Engineer, you will collaborate with a multi-disciplinary team of research engineers and scientists on a range of microelectronics research projects. You'll work directly with a team of embedded system security research subject matter experts (SME), the senior Principal Investigator, and Program Manager to support various project-specific research scope and deliverables providing value to our customers. The position is in Beavercreek OH and requires a security clearance. Remote work is not available for this position. Travel is not expected to exceed two to four times a year.

Job Responsibilities

• Perform reverse engineering and other cyber attacks against microelectronic devices
• Develop software to run in user-mode or kernel-mode
• Studies and reports over software-based threats to embedded systems published in scientific journals, hacking blogs, and presentations at conferences
• Documents findings in technical reports and presentations
• Collaborates with hardware security researchers
• Provide technical mentorship for junior researchers, in area of expertise
• Work with Project Manager and Principal Investigator to plan, and execute technical resource application to project; manage and communicate deliverable status and timelines.

Required Qualifications

• Bachelor's degree in Computer Engineering, Computer Science or related technical area with 8 years relevant experience, or a related technical Master's degree with 5 years relevant experience, or a PhD in a related field with 3 years relevant experience
• Secret clearance required to start, but must be able obtain Top Secret security clearance and all required program access approvals
• Extensive experience reverse engineering operating systems like embedded Linux (e.g. PetaLinux, Yocto, Buildroot), RTOS (e.g. VxWorks, Integrity), and bare-metal systems (e.g. firmware)
• Experience with a disassembler for vulnerability research (Ghidra, IDA Pro, BinaryNinja)
• Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.)
• Experience with debuggers like (WinDbg, HyperDbg, GDB/KGDB/KDB, TRACE32, and OpenOCD)
• Strong familiarity with published vulnerability databases (CVE, CWE, etc.)
• Experience with embedded processors (RISC-V, ARM, MicroBlaze, Nios, etc.)
• Experience with using simulation/emulation, and hardware-in-the-loop (HIL) to assist with debugging and reverse engineering
• Experience presenting technical material to both technical and non-technical audiences
• Willing to work in a secure US Government facility
• Interest in solving open-ended research challenges

Desired Qualifications

• Active DoD Top Secret (TS) or equivalent US Government security clearance
• Familiarity with hardware security attacks, hardware development, or side-channel analysis
• Experience leading small project teams, or leading software development
• Embedded software development experience
• Familiarity with compiled languages like C/C++ and Rust
• Knowledge of formal analysis, static analysis, or other software cyber research areas
• Python (preferred) or other scripting experience
• Previous experience working in a secure US Government facility is desired
• Bachelor's degree in Computer Engineering, Computer Science or related technical area with 12 years relevant experience, or a related technical Master's degree with 8 years relevant experience, or a PhD in a related field with 5 years relevant experience

$130,000-$205,000 This represents the typical compensation range for this position based on experience, location and other factors.

Riverside Research Institute is a not-for-profit, technology-oriented defense company, where service to our customers and support of our staff is our overall mission. Riverside is an affirmative action-equal opportunity employer and complies with all applicable federal, state, and local laws regarding recruitment and hiring. Riverside offers comprehensive compensation and benefit packages to our employees. Riverside bases its employment decisions solely on technical experience, qualifications and other job-related criteria related to our organizational purpose as a not-for-profit company, and without regard to race, color, religion, age, sex marital status, sexual orientation, national origin, physical or mental disability, veteran's status or any other status legally protected by applicable federal, state, and local law.