Cyber Capability Developer (Reverse Engineering)

Job Description

ECS is seeking a Cyber Capability Developer (Reverse Engineering) to work in our Lorton, VA office.

ECS's National Security & Civilian Business unit is seeking a highly motivated Cyber Capability Developer (Reverse Engineer) to support a mission-focused portfolio of cyber research and development efforts and the IT infrastructure that enables them. The purpose of this initiative is to enhance and sustain capabilities in IT Support, IT Security, IT Services, and Administrative Compliance that directly underpin complex technical investigations across law enforcement and intelligence community agencies, where rapid advances in global communications, data networks, cellular systems, and the Internet technologies present constant operational challenges. Operating in a highly collaborative, Agile environment, this program leverages rapid research and development methods to create solutions to real-world operational problems, with emphasis on device exploitation, application analysis, and advanced reverse engineering of software, firmware, and embedded systems.

As a Cyber Capability Developer (Reverse Engineer), you will apply deep reverse engineering skills to analyze binaries, firmware, and complex systems in support of cutting-edge cyber capabilities, vulnerability discovery, and exploitation and mitigation research. You will work closely with security analysts, developers, and mission stakeholders to uncover vulnerabilities, extract proprietary algorithms, understand low-level behaviors, and translate technical findings into actionable operational capabilities and clear, defensible documentation. Drawing on Agile practices, you will contribute to planning, execution, and continuous improvement of team workflows-helping drive efficiency, collaboration, and innovation while rapidly iterating on prototypes and research outcomes.

Responsibilities

• Reverse Engineering: Assist with conducting reverse engineering efforts to analyze software binaries, firmware, and systems, uncovering vulnerabilities, extracting proprietary algorithms, and understanding complex functionalities.
• Vulnerability Identification: Assist in the discovery and analysis of security vulnerabilities, weaknesses, and design flaws in software applications and systems through comprehensive reverse engineering techniques.
• Collaborative Problem-Solving: Collaborate closely with security analysts, developers, and stakeholders to address complex technical challenges, propose solutions, and drive implementation efforts.
• Documentation and Reporting: Document reverse engineering findings, analysis methodologies, and project progress. Prepare technical reports and presentations to communicate results, recommendations, and project status effectively.
• Continuous Improvement: Continuously improve reverse engineering processes and practices within the team. Identify opportunities for optimization, implement best practices, and drive innovation in reverse engineering techniques.

Required Skills

• Clearance Level Required: Top Secret. Willing/able to obtain and maintain an SCI w/CI Poly
• Bachelor's degree is preferred.
• 5+ years of professional experience in reverse engineering, cybersecurity, or software development roles, with exposure to reverse engineering activities.
• Minimum of three (3) years of experience working in Agile environments

Desired Skills

• Strong proficiency with disassemblers, debuggers, and tooling such as Ghidra, IDA Pro (and IDAPython), Radare2, GDB, x64dbg, and WinDbg.
• Hands-on experience with embedded systems, firmware, and FPGA/CPLD reverse engineering, including JTAG-based analysis and bitstream tooling.
• Demonstrated capability in binary exploitation (stack canaries, DEP/NX, ASLR/PIE, RELRO), ROP, heap exploitation, format string attacks, and shellcoding.
• Proficient in C/C++, Python, and Bash/shell scripting for tooling, PoCs, and exploit or implant development.
• Experience with malware analysis (static and dynamic), PE/ELF formats, Windows internals, and common sandbox/virtualization platforms.
• Familiarity with mobile application security (Android/iOS), including Frida-based instrumentation, rooting/jailbreaking, and APK/IPA analysis.
• Track record of participation in competitive IT/cybersecurity challenges that demonstrate advanced problem-solving in reverse engineering and exploitation.
• Ability to produce clear technical documentation, reports, and white papers for technical and non-technical audiences.
• Background in ethical hacking and/or testing software vulnerabilities with a working knowledge of hacking tools and techniques such as memory corruption exploits, buffer overflows, rootkits, protocol poisoning, MetaSploit, nmap, etc.
• Cybersecurity certifications (e.g. CISSP, CEH, Security+)

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.