Total 8 Researcher job vacancies in Legal / Public / Security category in The United States of America

We are seeking talented and passionate individuals to join our Offensive Security team! This position has a strong focus on discovering unknown vulnerabilities in systems and devices.

This position will be based in Singapore, but remote work is possible for the right candidate.

We regret to inform that only shortlisted candidates will be notified

Duties and Responsibilities

In this role, you will discover, evaluate and exploit new vulnerabilities in software applications, modern operating systems and hardware devices. There are no standard methodologies although typical activities include enumeration of attack surfaces, source code review, binary reverse engineering, custom tools development and debugging. Unorthodox methods such as following your gut instincts, and not shaving until you find the unicorn vulnerability are also acceptable. Finally, you will provide technical documentation and proof-of-concept code.

Required Qualifications

Candidates should have the following:

• Proficiency in at least one of the following languages: C, C++, Intel and ARM assembly code
• Demonstrable or demonstrated ability (eg: publications, bug-bounties, etc) to discover, evaluate and exploit vulnerabilities in software applications, modern operating systems and hardware devices
• Knowledge and understanding of a wide range of vulnerability classes
• Knowledge and understanding of modern exploit-mitigations and bypasses
• Strong interest, motivated, and persistence (of your character) to achieve persistent code execution (on the system)

Preferred Qualifications

Candidates possessing the following will be given preferential consideration:

• Demonstrated ability to produce original research related to reverse-engineering, vulnerabilities discovery, evaluation or exploitation

NVIDIA is looking for security researchers passionate about offensive research across different platforms. Do you have experience with identifying hardware and software vulnerabilities, developing PoC, and tools for automation in vulnerability research? Are you creative and devious in your offensive approach? We want to hear from you!

You should demonstrate ability to excel in an environment with innovative and fast paced development on the worlds most powerful integrated software and hardware computing platform.

What you’ll be doing:

• Core job duties will identify vulnerabilities in our embedded firmware and critical system software, building proof of concepts, and collaborating with development teams to remediate them.

• Candidates will invest in improving current tools and offensive practices for bug discovery and evaluation while supporting remediation efforts. We expect team members to exercise modern tools for modeling new attack vectors on unreleased and emerging technology platforms.

• The most impactful candidates can simulate real attacker behaviors, break systems by exploiting design assumption and effectively communicate their findings for action. Focus will be to increase resilience of the end products against all forms of attack through close collaboration with extended SW and HW offensive security teams.

• Products targets span HPC data centers, consumer electronics, autonomous platforms, AI/cloud solutions, and a variety of embedded/IOT platforms providing a rich and complex target space to exercise your skills.

What we need to see:

• We'd like to see proven experience and offensive security research (CVE’s, publications, patents, tools) with responsible disclosure practices.

• Strong skills in reverse engineering and automation (IDA, Ghidra), fuzzing (AFL, WinAFL, Syzcaller) and exploitation (ROP, memory corruption) are important to success; as well as understanding of modern embedded cryptography and common security issues.

• Experience with ARM/X86/RISCV assembly (include shellcode development) and low-level C programming paired with understanding and experience with micro-architectural attacks (side channels, fault injection, etc) is critical.

• Demonstrated skill for secure code reviews of complex source projects, and exposure to code quality practices (SDL, threat modeling) that support development goals.

• Candidates should be comfortable working collaboratively and remotely with others to accomplish complex team goals, enabling delivery of outstanding security for our products.

• BS/BA degree or equivalent experience

• 8+ years in a security related field

Ways to stand out from the crowd:

• Navigating complex platform concerns and ability to analyze composed systems to identify high risk components and established testing targets and objectives.

• Practical skills using Hex-Rays IDA Pro and plugin/loaders development (or similar experience with Ghidra) is valuable as well as experience with enclave models such as ARM TEE, Intel SGX/TDX, AMD SEV-SNP and other isolation technologies.

• Development and integration of AI tooling and skills to accelerate and improve activities and or experience with offensive actions targeting AI models (LLM or other) components within those platforms.

• Experience using any of the common binary instrumentation frameworks and/or working with LLVM IR and Clang plugins, or fuzzing to aid at scale analysis.

NVIDIA has continuously reinvented itself over two decades. Our invention of the GPU in 1999 fueled the growth of the PC gaming market, redefined modern computer graphics, and revolutionized parallel computing. More recently, GPU deep learning ignited modern AI — the next era of computing. NVIDIA is a “learning machine” that constantly evolves by adapting to new opportunities that are hard to solve, that only we can pursue, and that matter to the world. This is our life’s work, to amplify creativity and intelligence. Make the choice to join us today!

The base salary range is 220,000 USD - 419,750 USD. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.

THIS IS A NON-CIVIL SERVICE POSITION

BALTIMORE CONVENTION CENTER

Intern - Public Art & Building History Researcher/Archivist

                     Part-Time 20-30 hrs./wk.       Salary $ 15.00/hr.

GENERAL DESCRIPTION OF THE POSITION:

The Baltimore Convention Center wishes to research and then produce thorough documentation surrounding its public art collection. This will include reviewing archival documentation, researching artists and their works, interviewing pertinent stakeholders, and producing documents that will be used to create content for the organization’s website and self-guided tours.

Additionally, as the Convention Center will be celebrating its 50th anniversary in 2029, the Intern will start to identify historic photos and documents from within the city and agency archives and propose a list of assets that should be digitized in preparation for a retrospective.

Interns at the Baltimore Convention Center are hired with a specific set of tasks or project in mind.  The goal is to create meaningful job experiences for the student while providing the agency tangible outcomes that leave lasting impact.  The position will work closely with all departments, as well as relevant entities to further the assigned work such as the Baltimore City Archives and the Baltimore Office of Promotion and the Arts

The Intern is a part-time hourly position that will report to leadership within the Sales, Services, and Marketing Department.

Incumbents receive moderate supervision from a technical superior. Employees in this class work a conventional workweek averaging 20-30 hours a week. The work of this position takes place in a predominantly seated work location but will require occasional walking, bending, and lifting items no more than 50lbs. Occasional offsite visits to pertinent locations will be required, however a personal vehicle is not required.

TYPICAL EXAMPLES OF THE WORK:

(The following examples illustrate the work performed in the positions in the class. Positions may require some or all these examples depending on the organization of work within the agency. This list is not inclusive. A position may require related duties not listed, if necessary, to accomplish the work of the agency.)

Review archival documentation surrounding the history of public art at the Baltimore Convention Center and culminate pertinent information to summarize their research.

Identify and research pertinent artists and their works as it relates to the agency’s collection. This may include contacting the artist or their representative on behalf of the agency.  interviewing pertinent stakeholders and producing documents that will be used to create content for the organization’s website and self-guided tours.

Engaging the management and curatorial teams at the Baltimore Office of Promotion and the Arts to align agency information with that of the City’s public art collection records.

Work alongside the agency’s marketing department to design web content surrounding the Center’s public art.

Identify relevant photos and documents from within the city and agency archives to the creation and operation of the BCC since its opening in 1979.

Propose a list of archival items that should be digitized in preparation for a retrospective.

  

Performs related work as required.

REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES

Basic computer skills to include Microsoft Office applications.

Ability to demonstrate examples of the following:

• Clear communication skills, both verbally and in writing
• Sound organization skills.
• Creativity
• Strong interpersonal skills
• Able to adapt to changes of priorities and deadlines.
• Strong sense of teamwork
• Successful problem-solving
• Critical thinking
• Effective time management
• Good Natured Curiosity!

MINIMUM EDUCATION AND EXPERIENCE REQUIREMENTS:

Requirements – Current enrollment in a 2- or 4-year undergraduate program or pursuing a master’s degree. While not required, a focus of studies surrounding library sciences, art or art curation, or marketing/communications is preferred.

LICENSES, REGISTRATIONS AND CERTIFICATES:

N/A

Are you a cybersecurity and/or AI researcher who enjoys a challenge? Are you excited about pioneering new research areas that will impact academia, industry, and national security? If so, we want you for our team, where you’ll collaborate to deliver high-quality results in the emerging area of AI security. 

The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the AI Security Researcher role. Originally created in response to one of the first computer viruses -- the Morris worm – in 1988, CERT has remained a leader in cybersecurity research, improving the robustness of software systems, and in responding to sophisticated cybersecurity threats.  Ensuring the robustness and security of AI systems is the next big challenge on the horizon, and we are seeking life-long learners in the fields of cybersecurity, AI/ML, or related areas, who are willing to cross-train to address AI Security.  

The Threat Analysis Directorate, is a group of security experts focused on advancing the state of the art in AI security at a national and global scale.  Our tasks include vulnerability discovery and assessments, evaluation of the effectiveness and robustness of AI systems, exploit discovery and reverse engineering, and identifying new areas where security research is needed. We participate in communities of network defenders, software developers and vendors, security researchers, AI practitioners, and policymakers.

You'll get a chance to work with elite AI and cybersecurity professionals, university faculty, and government representatives to build new methodologies and technologies that will influence national AI security strategy for decades to come. You will co-author research proposals, execute studies, and present findings and recommendations to our DoD sponsors, decision makers within government and industry, and at academic conferences. The SEI is a non-profit, federally funded research and development center (FFRDC) at Carnegie Mellon University.   

What you’ll do: 

• Develop state of the art approaches for analyzing robustness of AI systems.  
• Apply these approaches to understanding vulnerabilities in AI systems and how attackers adapt their tradecraft to exploit those vulnerabilities.  
• Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats to AI systems, and effectively participate in the broader security community. 
• Study and influence the AI security and vulnerability disclosure ecosystems.  
• Evaluate the effectiveness of tools, techniques and processes developed by industry and the AI security research community.  
• Uncover and shape some of the fundamental assumptions underlying current best practice in AI security.   
• Develop models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, AI systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs.  
• Identify opportunities to apply AI to improve existing cybersecurity research. 

Who you are:  

• You have a deep interest in AI/ML and cybersecurity with a penchant for intellectual curiosity and a desire to make an impact beyond your organization. 
• You have practical experience with applying cybersecurity knowledge toward vulnerability research, analysis, disclosure, or mitigation. 
• You have experience with advising on a range of security topics based on research and expert opinion. 
• You have familiarity with implementing and applying AI/ML techniques to solving practical problems. 
• You have familiarity with common AI/ML software packages and tools (e.g., Numpy, Pytorch, Tensorflow, ART). 
• You have knowledge or familiarity with reverse engineering tools (e.g. NSA Ghidra, IDA Pro) 
• You have experience with Python, C/C++, or low-level programming. 
• You have experience developing frameworks, methodologies, or assessments to evaluate effectiveness and robustness of technologies. 
• You have superb communication skills (oral and written), particularly regarding technical communications with non-experts. 
• You enjoy mentoring and cross-training others and sharing knowledge within the broader community. 
• You have BS in machine learning, cybersecurity, statistics, or related discipline with eight (8) years of experience; OR MS in the same fields with five (5) years of experience; OR PhD in the same fields with two (2) years of experience. 
• Applicants with a solid technical background in AI/ML or cybersecurity, but not both, are encouraged to apply provided a strong desire to rapidly learn on the job. 

You are able to: 

• Travel to various locations to support the SEI’s overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion (5%). 
• You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance. 

Why work here?  

• Join a world-class organization that continues to have a significant impact on software.  
• Work with cutting-edge technologies and dedicated experts to solve tough problems for the government and the nation.  
• Be surrounded by friendly and knowledgeable staff with broad expertise across AI/ML, cybersecurity, software engineering, risk management, and policy creation. 
• Get 8% monthly contribution for your retirement, without having to contribute yourself.  
• Get tuition benefits to CMU and other institutions for you and your dependent children.  
• Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave.  
• Get access to university resources including mindfulness programs, childcare and back-up care benefits, a monthly transit benefit on WMATA, free transportation on the Pittsburgh Regional Transit System.  
• Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies.  
• Qualify for relocation assistance and so much more.     

Location

Pittsburgh, PA

Job Function

Software/Applications Development/Engineering

Position Type

Staff – Regular

Full Time/Part time

Full time

Pay Basis

Salary

More Information: 

SHIELD is a device-first risk intelligence company. We are dedicated to helping organizations worldwide eliminate fake accounts and all malicious activity. Leveraging AI, we identify the root of fraud with the SHIELD Device ID and provide actionable risk intelligence in real time, helping all online businesses stop fraud, build trust, and drive growth. With offices in San Francisco, Miami, London, Berlin, Jakarta, Bengaluru, Beijing, and Singapore, we are rapidly achieving our mission - eliminating unfairness to enable trust for the world.

Responsibilities

As a Security Researcher (JavaScript), you will focus on researching advanced Web Applications protection mechanisms that include client-side runtime execution protection and data and DOM integrity verification. We are looking for motivated and skilled researchers with deep knowledge in Web/application security to work on advancing our technology and solution capabilities.

• Research and develop advanced protection mechanisms on the browser/web application platform, with a focus on the JavaScript language
• Research Web Applications protection mechanisms such as client-side runtime execution protection, and data and DOM integrity verification
• Help drive advances to our Web security products, protect and grow the company intellectual property, as well as help build state-of-the-art Web security solution

• Minimum Degree in Computer Engineering, Computer Science, Electrical Engineering or similar areas
• 3 or more years of experience in at least one of the following areas: JavaScript Web Application Development, Web Security or Web Application Security, Machine Learning applied to cybersecurity
• Knowledge in Web-based architectures
• Must be able to contribute to the design of complex and secure solutions
• Knowledge in Web Application development using JavaScript and Node.js
• Good communication skills, and good english proficiency
• Willingness to learn, adapt and work in a fast-paced environment

At Professional Collections Services, we specialise in commercial debt recovery working with clients of all sizes. The business was established in 1996 from the desire to provide alternative solutions to traditional collection practices. From humble beginnings in a small office in St Lucia, Professional Collection Services has grown to incorporate all facets of the debt recovery process with representation across the country.

Position Available
At Professional Collection Services, we have established ourselves as one of the most well-known recovery agencies amongst the corporate, insolvency, and commercial sectors, providing services in collections, litigation, and credit management. To meet the demands of our services, Professional Collections Services is looking for a full time skilled legal researcher to join our dynamic and hard-working team.

Key Responsibilities
Under the supervision of our legal partner, your responsibilities will include:
• Researching, drafting and assisting with a wide range of legal documents
• Review, organise and maintain legal documents
• Analysing research documents
• Compiling research notes
• Building report and liaising with clients
• Reviewing and interpreting contracts and legislation
• Reviewing files to achieve effective and timely outcomes
• Some administrative tasks

Qualification Required
• Bachelor’s Degree in law; or
• 2 years of relevant experience

Salary Expectations
$70,000.00 Per Annum + Super

The Sr. Security Researcher will report to Sr. Manager, Security Research.  The Security Researcher will be primarily responsible for working on different cyber-security specific research projects, performing malware analysis (static and dynamic) and develop protection to prevent them, extract and analyze Indicators-Of-Compromise and come-up with new detection techniques. 

ThreatLabZ is the security research arm of Zscaler. This world-class team is responsible for hunting new threats and ensuring that the 15 million users on the global Zscaler platform are always protected. In addition to malware research and behavioral analysis, team members are involved in the research and development of new prototype modules for advanced threat protection on the Zscaler platform, and regularly conduct internal security audits to ensure that Zscaler products and infrastructure meet security compliance standards. ThreatLabZ regularly publishes in-depth analyses of new and emerging threats on its portal, research.zscaler.com.

Responsibilities/What You’ll Do:

• Perform malware analysis (static and dynamic) and develop protection to prevent them
• Perform reputation analysis on the IOCs extracted from the malicious samples’ analysis
• Track threat landscape, analyze emerging threats, identify TTP and develop detection and protection signatures
• Analyze various C2 framework & provide generic coverage for them 
• Analyze vulnerabilities & develop coverage for known exploits & zero-days
• Perform QA and improve upon existing protection
• Develop automation to aid in research and analysis projects
• Write security blogs and papers related to threat analysis

Are you a cybersecurity and/or AI researcher who enjoys a challenge? Are you excited about pioneering new research areas that will impact academia, industry, and national security? If so, we want you for our team, where you’ll collaborate to deliver high-quality results in the emerging area of AI security. 

The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the AI Security Researcher role. Originally created in response to one of the first computer viruses -- the Morris worm – in 1988, CERT has remained a leader in cybersecurity research, improving the robustness of software systems, and in responding to sophisticated cybersecurity threats.  Ensuring the robustness and security of AI systems is the next big challenge on the horizon, and we are seeking life-long learners in the fields of cybersecurity, AI/ML, or related areas, who are willing to cross-train to address AI Security.  

The Threat Analysis Directorate, is a group of security experts focused on advancing the state of the art in AI security at a national and global scale.  Our tasks include vulnerability discovery and assessments, evaluation of the effectiveness and robustness of AI systems, exploit discovery and reverse engineering, and identifying new areas where security research is needed. We participate in communities of network defenders, software developers and vendors, security researchers, AI practitioners, and policymakers.

You'll get a chance to work with elite AI and cybersecurity professionals, university faculty, and government representatives to build new methodologies and technologies that will influence national AI security strategy for decades to come. You will co-author research proposals, execute studies, and present findings and recommendations to our DoD sponsors, decision makers within government and industry, and at academic conferences. The SEI is a non-profit, federally funded research and development center (FFRDC) at Carnegie Mellon University.   

What you’ll do: 

• Develop state of the art approaches for analyzing robustness of AI systems.  
• Apply these approaches to understanding vulnerabilities in AI systems and how attackers adapt their tradecraft to exploit those vulnerabilities.  
• Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats to AI systems, and effectively participate in the broader security community. 
• Study and influence the AI security and vulnerability disclosure ecosystems.  
• Evaluate the effectiveness of tools, techniques and processes developed by industry and the AI security research community.  
• Uncover and shape some of the fundamental assumptions underlying current best practice in AI security.   
• Develop models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, AI systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs.  
• Identify opportunities to apply AI to improve existing cybersecurity research. 

Who you are:  

• You have a deep interest in AI/ML and cybersecurity with a penchant for intellectual curiosity and a desire to make an impact beyond your organization. 
• You have practical experience with applying cybersecurity knowledge toward vulnerability research, analysis, disclosure, or mitigation. 
• You have experience with advising on a range of security topics based on research and expert opinion. 
• You have familiarity with implementing and applying AI/ML techniques to solving practical problems. 
• You have familiarity with common AI/ML software packages and tools (e.g., Numpy, Pytorch, Tensorflow, ART). 
• You have knowledge or familiarity with reverse engineering tools (e.g. NSA Ghidra, IDA Pro) 
• You have experience with Python, C/C++, or low-level programming. 
• You have experience developing frameworks, methodologies, or assessments to evaluate effectiveness and robustness of technologies. 
• You have superb communication skills (oral and written), particularly regarding technical communications with non-experts. 
• You enjoy mentoring and cross-training others and sharing knowledge within the broader community. 
• You have BS in machine learning, cybersecurity, statistics, or related discipline with ten (10) years of experience; OR MS in the same fields with eight (8) years of experience; OR PhD in the same fields with five (5) years of experience. 
• Applicants with a solid technical background in AI/ML or cybersecurity, but not both, are encouraged to apply provided a strong desire to rapidly learn on the job. 

You are able to: 

• Travel to various locations to support the SEI’s overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion (5%). 
• You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance. 

Why work here?  

• Join a world-class organization that continues to have a significant impact on software.  
• Work with cutting-edge technologies and dedicated experts to solve tough problems for the government and the nation.  
• Be surrounded by friendly and knowledgeable staff with broad expertise across AI/ML, cybersecurity, software engineering, risk management, and policy creation. 
• Get 8% monthly contribution for your retirement, without having to contribute yourself.  
• Get tuition benefits to CMU and other institutions for you and your dependent children.  
• Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave.  
• Get access to university resources including mindfulness programs, childcare and back-up care benefits, a monthly transit benefit on WMATA, free transportation on the Pittsburgh Regional Transit System.  
• Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies.  
• Qualify for relocation assistance and so much more.   

Location

Pittsburgh, PA

Job Function

Software/Applications Development/Engineering

Position Type

Staff – Regular

Full Time/Part time

Full time

Pay Basis

Salary

More Information: