Manager, Cyber Capabilities

at Shift5
πŸ’° $200k-$260k
πŸ‡ΊπŸ‡Έ United States - Remote
πŸ”’ Cybersecurity🟠 Manager

Job description

Shift5 is redefining the future of onboard operational technology (OT).Β As a fast-growing scale-up, we specialize in cutting-edge cybersecurity, predictive maintenance, and compliance for OT systems across defense, aerospace, and rail. We are a team of passionate, innovative professionals who thrive in a collaborative environment, driven by a shared mission to revolutionize how fleets operate. By unlocking and democratizing the vast potential of onboard OT data, we help our customers’ fleets run smarter, safer, and more efficiently. Ready to be part of the next frontier in transportation and critical infrastructure? Come join us.

Our Values:

  • Embrace Truth and Integrity: Base decisions on data, foster open dialogue, and uphold unwavering integrity.
  • User-Centric Focus: Prioritize user needs to guide our actions and resource allocation.
  • Collaborative & Adaptable: Collaborate for excellence, learning from failures and driving iterative improvements, recognizing every decision’s significance.

Shift5 is seeking an experienced Manager, Cyber Capabilities to lead and grow our dedicated vulnerability research team. This pivotal role combines strategic team leadership, mentorship, and execution management with significant hands-on technical contribution. The Manager will drive the research and development of novel cyber capabilities derived from deep vulnerability analysis of embedded systems, operational technology (OT) protocols, and RF communications inherent in critical transportation and defense platforms. This position requires a leader who excels at both guiding a team and actively participating in cutting-edge research, directly supporting Shift5’s mission to bring order to the complexity of onboard data and enhance the security, safety, and resilience of aircraft, rail, and military assets.

Location: Rosslyn, VA - Hybrid (required in-office 3-4 days a week), occasional travel to customer sites <15%.

Responsibilities:

Team Leadership & Mentorship:

  • Lead, manage, mentor, and develop a high-performing team of vulnerability researchers, fostering a culture of technical excellence, innovation, and collaboration.
  • Define clear research objectives, manage project execution across multiple initiatives, allocate resources effectively, and ensure the timely delivery of impactful research outcomes and capabilities.
  • Champion the technical growth and development of team members, identifying skill gaps, providing coaching, and facilitating opportunities to educate others across the organization and company.

Hands-on Research & Capability Development:

  • Serve as a technical leader and individual contributor, actively engaging in complex vulnerability research, reverse engineering (e.g. Ghidra, IDA Pro, Binary Ninja), and proof-of-concept development targeting embedded systems (firmware, RTOS, hardware), OT protocols, and RF communications systems.
  • Spearhead the development of novel cyber capabilities - defined as advanced techniques, methodologies, and deep system understanding derived from offensive security research

Tooling & Innovation:

  • Direct and contribute to the architecture, design, and development of specialized software tools and frameworks to accelerate vulnerability discovery, reverse engineering, and capability development efforts. This includes prototyping innovative tooling and frameworks designed to enhance research efficiency and effectiveness.
  • Cultivate an environment of innovation by encouraging the exploration of new attack surfaces, unconventional research methodologies, and the creative application of research findings.

Collaboration & Communication:

  • Collaborate closely and effectively with cross-functional teams, including Detection Engineering, RF/DSP Engineering, Intelligence Analysts, Product Management, Software/Hardware/Firmware Engineering, and Field Engineering teams, to ensure research findings are operationalized and integrated into Shift5’s products and services.
  • Translate highly complex technical research findings, vulnerability details, and capability implications into clear, concise, and actionable insights consumable by diverse audiences, ranging from deeply technical peers to product managers and executive leadership.
  • May occasionally interface with customers or external partners to understand specific platform challenges, gather requirements, or communicate the impact and value of the team’s research efforts.

Technical Rigor & Reporting:

  • Uphold the highest standards of technical accuracy, quality, and rigor in all research activities and outputs. Oversee the creation and review of detailed technical documentation, including vulnerability reports, exploit analyses, capability demonstrations, and internal knowledge sharing.
  • Maintain expert-level awareness of the latest cyber threats, vulnerability disclosures, exploitation techniques, and research methodologies pertinent to embedded systems, OT security, transportation protocols, and RF communications security.

Qualifications:

The ideal candidate will possess a blend of deep technical expertise in vulnerability research, strong leadership capabilities, and a passion for securing critical systems.

  • Citizenship & Clearance: US Citizenship is required for this role due to the nature of Shift5’s work with defense and government contracts and must possess an active TOP SECRET security clearance, at a minimum.

  • Education: Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or equivalent practical experience demonstrating deep technical aptitude.

  • Leadership & Management Experience: 1-2+ years of demonstrated experience successfully leading, managing, or formally mentoring technical teams comprising vulnerability researchers, reverse engineers, or closely related engineering roles and managing multiple concurrent projects in a fast-paced environment.

  • Core Technical Experience: 8+ years of direct, hands-on experience in vulnerability research and reverse engineering specifically targeting embedded systems.Proven experience developing proof-of-concept exploits or demonstrating impactful capabilities against embedded system vulnerabilities.

  • Vulnerability Research: Strong proficiency with industry-standard reverse engineering tools (e.g., IDA Pro, Ghidra, Binary Ninja), fuzzing frameworks (e.g. AFL, LibFuzzer) and hardware debugging tools/techniques (e.g., JTAG/SWD debuggers, logic analyzers).

  • Programming Skills: Strong programming proficiency in C/C++, Python, and other programming languages.

  • Systems Knowledge: Solid understanding of embedded system architectures (PPC, ARM, MIPS, etc.), real-time operating systems, operating system internals (kernel architecture, memory management, driver models) and common hardware peripherals/interfaces (UART, SPI, I2C, GPIO).

  • Wireless Communications: Foundational understanding of wireless communication principles and protocols.

  • Communication Skills: Excellent verbal and written communication skills, with a proven ability to articulate complex technical concepts clearly and effectively to both deeply technical and non-technical audiences. Experience presenting at industry conferences or technical workshops is preferred.

  • Collaboration: Proven ability to work collaboratively and effectively within multidisciplinary teams, fostering positive working relationships across engineering, product, and research functions.

  • Preferred: Hands-on experience analyzing, interacting with, and identifying potential weaknesses in serial bus protocols common in transportation and defense (e.g., CAN bus, MIL-STD-1553, ARINC 429, J1939).

  • Preferred: Experience performing vulnerability research or capability development targeting wireless protocols (e.g., Wi-Fi, Bluetooth/BLE, cellular) or specialized RF systems (ADS-B, ACARS, TCAS/IFF, Link16).

Preferred: Prior experience working with specific military weapon systems, commercial or military aircraft or unmanned platforms.

Compensation & Benefits:

  • Base Salary: $200,000-$260,000
  • Bonus program and equity in a fast-growing startup
  • Competitive medical, dental, and vision coverage for employees and their families
  • Health Savings Account with annual employer contributions
  • Employer-paid Life and Disability Insurance
  • Uncapped paid time off policy
  • Flexible work & remote work policy
  • Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA)

We are committed to building an inclusive culture of belonging that embraces the diversity of our people and represents the communities in which we work and the customers we serve. We know the happiest and highest performing teams include people with diverse perspectives and ways of solving problems. We strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.

Shift5 is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identify, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.

Privacy Policy and Notice for Shift5, Inc. Job Applicants, Employees & Contractors

Share this job:
Please let Shift5 know you found this job on Remote First Jobs πŸ™

Similar Remote Jobs

Shift5 logo

Shift5

  • 11 remote jobs

Latest Jobs at Shift5

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service πŸ™

Apply