Cyber Security Researcher
Central Intelligence Agency - Other Agencies and Independent Organizations
Minimum Qualifications 3 years of experience with a system programming language (preferably C or C++) Knowledge of: Operating system concepts (UNIX/Linux, Windows, iOS, or Android) such as Security models, File systems, Process management and isolation, Inter-process communication, Networking, Cryptography Computer science fundamentals and software development best practices Basic Computer Network Exploitation (CNE) and Computer Network Attack (CNA) techniques and terminology Ability to design, develop, debug, and maintain a diverse portfolio of programs written in C/C++, using modern software development tools and methodologies Ability to work effectively in a team environment with competing and ever shifting priorities Ability to identify and manage risk Ability to demonstrated technical leadership Strong verbal and written communication skills, especially the ability to articulate technical requirements to a non-technical audience Demonstrated technical leadership Passionate about information security Ability to meet the minimum requirements for joining CIA, including U.S. citizenship and a background investigation Desired Qualifications Master’s or doctorate degree in one of the following fields: Computer engineering Computer science Software engineering Cybersecurity Information security Proficiency with a scripting language such as Python, Bash, Ruby, or Powershell; the ability to do the following with a scripting language: Automate tasks Parse and interpret log output from operating systems, network devices, and infrastructure services Experience with kernel level programming Familiarity with assembly for one or more architectures (ARM, MIPS, x86/x64) Familiarity with reverse engineering and/or exploitation Experience in vulnerability analysis of source code or assembly Knowledge of exploitation techniques Familiarity of exploitation mitigation techniques Experience with Ghidra, IDA Pro, Binary Ninja, or a similar suite of tools Knowledge of industry threat models such as MITRE’s ATT&CK or Lockheed Martin’s Cyber Kill Chain Knowledge of common reconnaissance, exploitation, and post-exploitation frameworks Knowledge of networking fundamentals at all OSI layers Experience in red teaming or pen-testing Any of the following certifications: Certified Ethical Hacker Certified Penetration Tester OSCE GXPN GWAPT eWPTX ECPTX
Cyber Security Researchers focus in the cyber arena and specialize in the design, development, integration, and deployment of cutting-edge tools, techniques, and systems to support cyber operations.