Senior C Developer - VRT Development (Req #216) Columbia, Maryland

Salary: RSU + MBO

Sourcefire, Inc. (Nasdaq:FIRE), is a world leader in Cyber Security.  Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risk. Sourcefire’s IPS and real-time adaptive security solutions provide security for the real world of dynamic networks and escalating threats. Today, the names Sourcefire and Snort have grown synonymous with innovation and Cyber Security.

Sourcefire is a dynamic environment that inspires employees to create opportunities by honing their talents and skills every day.  Employees are self-motivated, results driven and engaged. We recognize and reward quality results and commitment to our company’s purposes and principles.

Sourcefire’s Vulnerability Research Team is looking for an experienced C developer to develop and maintain tools for vulnerability discovery, analysis, and mitigation. Development of fuzzers and static analysis tools to identify new vulnerabilities in software. Development of static and runtime analysis tools to determine the root cause and input conditions related to a vulnerability. Vulnerability triage and proof of concept exploit development to support the creation of detection content. Razorback plugin development for network based exploit mitigation. Additional responsibilities include helping users and other analysts with setup, installation, and usage of the vulnerability research tools and demonstrating leadership in the security community through papers, presentations, and the VRT blog.

 Responsibilities:

  • Create tools for the discovery and triage of vulnerabilities.
  • Writes detailed technical advisories on new vulnerabilities.
  • Develop proof of concept exploits for testing IPS and IDS effectiveness.
  • Reverse engineer binary applications, protocols and formats.
  • Develop detection and analysis plugins for Razorback.
  • Demonstrate leadership with the security community.

Required Skills:

Education and Work Experience

  • Bachelor's degree in CS, CE, or Mathematics preferred.
  • Demonstrable experience with vulnerability research required.

Specialized Knowledge and Skills

  • Proficient in C/C++ and x86 assembler.
  • Proficient in Python or Ruby.
  • Knowledge of Win32/WIN64 API and ABI.
  • Knowledge of common file format and network protocol structures.
  • Exploit development against hardened platforms.
  • Experience binary auditing and reverse engineering.
  • Experience with IDA Pro.
  • Exceptional analytical skills and problem solving skills.
  • Good organization, decision making, and verbal and written communication skills.
  • Ability to work independently with minimum supervision and to take on additional tasks as required.
  • Ability to work with small teams to solve complex problems.
  • A drive to succeed and a passion to solve difficult problems.

 Work Conditions

  • Works closely with software reverse engineers and research analysts  to understand their needs and develop tools to assist with the creation of detection content.
  • Moderate to high levels of stress may occur at times.
  • Fast paced and rapidly changing environment.
  • Extremely talented and experienced team members and mentors.
  • No special physical requirements.
  • Constant internal training, drinking games, and heated discussions.