Manager, Cyber Capabilities- Hybrid Rosslyn, VA

Manager, Cyber Capabilities

This company delivers advanced solutions in cybersecurity, predictive maintenance, and compliance for OT systems within the defense, aerospace, and rail sectors. Their team is made up of dedicated, forward-thinking professionals who excel in a collaborative setting, united by a common goal: transforming the way fleets operate.

The company is located in Rosslyn, VA - Hybrid (required in-office 3-4 days a week), occasional travel to customer sites <15%.

What You Will Be Doing:

• Act as both a technical leader and hands-on contributor, driving complex vulnerability research, reverse engineering (using tools such as Ghidra, IDA Pro, Binary Ninja), and proof-of-concept development across embedded systems (including firmware, RTOS, and hardware), operational technology (OT) protocols, and RF communications.
• Lead the creation of novel cyber capabilities—defined as advanced techniques, methodologies, and in-depth system knowledge emerging from offensive security research.

• Lead the design, architecture, and development of specialized software tools and frameworks that accelerate vulnerability discovery, reverse engineering, and capability development.
• Prototype cutting-edge tooling to improve research workflows, enhance efficiency, and push the boundaries of what’s technically possible.
• Foster a culture of innovation by promoting exploration of unconventional attack vectors, creative research approaches, and out-of-the-box application of findings.

• Clearly communicate complex research outcomes, vulnerability details, and capability implications to a broad range of stakeholders—from technical teams to executive leadership.
• Occasionally engage with customers or partners to gather platform-specific requirements, share insights, or explain the strategic value of the team’s research.

• Oversee the development of comprehensive technical documentation, including vulnerability analyses, exploit demonstrations, internal knowledge bases, and capability overviews.
• Stay at the forefront of evolving threats, emerging vulnerabilities, exploitation techniques, and cutting-edge methodologies relevant to embedded systems, OT security, transportation networks, and RF communications.

Required Skills & Experience:

• Candidates must hold an active TOP SECRET security clearance at a minimum.
• Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or equivalent hands-on experience demonstrating strong technical acumen.
• 1–2+ years of proven experience leading, managing, or formally mentoring technical teams—specifically in vulnerability research, reverse engineering, or closely related disciplines—while overseeing multiple concurrent projects in a dynamic, fast-paced environment.
• 8+ years of hands-on experience in vulnerability research and reverse engineering focused on embedded systems. Demonstrated ability to develop proof-of-concept exploits or impactful capabilities against real-world embedded system vulnerabilities.
• Deep proficiency with reverse engineering tools such as IDA Pro, Ghidra, and Binary Ninja; fuzzing frameworks like AFL and LibFuzzer; and hardware debugging tools/techniques, including JTAG/SWD debuggers and logic analyzers.
• Strong programming background in C/C++ and Python, with experience in additional languages as needed for reverse engineering and exploit development.
• In-depth understanding of embedded system architectures (e.g., ARM, PPC, MIPS), real-time operating systems (RTOS), OS internals (kernel architecture, memory management, device drivers), and common hardware interfaces such as UART, SPI, I2C, and GPIO.
• Foundational knowledge of wireless communication protocols and radio frequency (RF) principles.
• Exceptional verbal and written communication skills. Ability to convey complex technical material clearly to both technical and non-technical audiences. Prior experience presenting at industry conferences or technical workshops is a plus.
• Demonstrated success working within multidisciplinary teams, fostering strong collaboration across engineering, product, and research functions.

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.