Riverside Research is an independent National Security Nonprofit dedicated to research and development in the national interest. We provide high-end technical services, research and development, and prototype solutions to some of the country’s most challenging technical problems.
 
 All Riverside Research opportunities require U.S. Citizenship.
 

Input handling is an unavoidable part of any system implmentation. Often this requires parsing that input to ensure it fits within a buffer, is of the correct type, and fits to the desired format. Yet, parser security is an often overlooked aspect of cybersecurity in both legacy and modern applications. Many historical bugs can be attributed to flaws within the implementation of a system's parser. With effort, we can secure many systems from abhorrent bugs by following best practices when it comes to developing secure parsers for input handling. Riverside Research's Secure and Resilient Systems group is working to change the way in which we think about parser security. By applying state-of-the-art parsing methodologies, we can create a more secure cyberspace without needing to worry about niche edge-case input vulnerabilities.

Riverside Research is seeking a dynamic and growth focused junior-level research scientist to support research and development of bleeding-edge parser security technologies. As a key member of our Secure and Resilient Systems team, the research scientist will interface with government research organizations (e.g. DARPA, IARPA, service labs, etc.), work on existing R&D contracts, and develop bleeding-edge technologies for transition to the warfighter. The research scientist will interface with team members across Riverside Research locations.

The research scientist will contribute to a diverse team responsible for developing security technologies in a variety of DoD systems. They will get hands-on experience working towards and developing secure parsers in the interest of DoD partners. They will develop software and systems that use new and existing technologies in areas that these technologies may have never been applied to. They will also contribute to technical writing in their research area. The research scientist should hands on experience in C/C++ and Python, as well as a strong understanding of the pitfalls of improper input handling. They should be able to think creatively to express why vulnerabilities such as Heartbleed can be classified as parser vulnerabilities.

Help the group design innovate parser and data protocol capabiltiies
Assist in utilizing created and existing tools for DoD use cases
Build new tools and/or capabilities in languages like C/C++, Python, etc.
Contribute to whitepapers and/or publish papers that document innovative work performed
Collaborate with team members on debugging programs, designing systems, reviewing papers, etc.
Participate in relevant internal and customer meetings

Required:

 

Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, or Cybersecurity and 2 years of relevant experience
A deep technical understanding of cybersecurity problems and solutions
Proficiency in programming languages C/C++ and Python
Experience with version control (Git)
Knowledge on data formats and an interest in exploring what makes a secure data format
Knowledge of networking protocols
Experience with secure input handling
Must be eligible to optain a Top Secret security clearance
Self-driven, strong analytic, inferencing, critical thinking, and creative problem-solving skills

 

Desired:

Experience with parser design/development
Experience with DoD open architecture standards
Healthy balance between technical orientation and business acumen
Ability to operate independently with limited supervision and feedback, and establish a solid working relationship with technical staff and peers in the group and across Riverside Research
Superior written and verbal communication skills

$88,000 - $140,000 This represents the typical compensation range for this position based on experience, location and other factors.

 
Riverside Research Institute is a not-for-profit, technology-oriented defense company, where service to our customers and support of our staff is our overall mission. Riverside is an affirmative action-equal opportunity employer and complies with all applicable federal, state, and local laws regarding recruitment and hiring.  Riverside offers comprehensive compensation and benefit packages to our employees.
Riverside bases its employment decisions solely on technical experience, qualifications and other job-related criteria related to our organizational purpose as a not-for-profit company, and without regard to race, color, religion, age, sex marital status, sexual orientation, national origin, physical or mental disability, veteran’s status or any other status legally protected by applicable federal, state, and local law.