Vulnerability Researcher
On-siteEngineeringFull-time
WHAT YOU WILL BE DOING
- Leading advanced vulnerability research efforts across operating systems, kernels, firmware, hypervisors, embedded platforms, and complex application stacks.
- Independently scoping ambiguous or underexplored attack surfaces and driving research from initial hypothesis through validated findings.
- Performing deep reverse engineering and in-memory analysis of compiled binaries across multiple architectures (x86/x64, ARM, PowerPC, etc.).
- Designing and executing novel exploitation techniques and mitigation evaluations, including identifying real-world weaknesses in modern defense mechanisms.
- Analyzing undocumented or partially documented system behavior and extending internal interfaces or tooling to support research goals.
- Collaborating with other senior researchers to shape technical direction, review complex work, and raise the overall quality of research output.
- Translating low-level technical findings into clear, actionable insights for internal stakeholders and, when appropriate, customers.
- Contributing to research culture through mentorship, knowledge sharing, and improvements to tools, methodologies, and workflows.
WHAT YOU HAVE DONE
- Conducted high-impact vulnerability research on real-world systems with minimal guidance, producing findings that influenced security decisions or mitigations.
- Demonstrated deep understanding of operating system internals (Windows, Linux, macOS), kernel subsystems, and low-level execution models.
- Reverse engineered complex binaries, firmware, or kernel components and reasoned about their behavior in memory.
- Developed proof-of-concept exploits or mitigation bypasses that go beyond simple crashes and demonstrate meaningful impact.
- Shown strong intuition for exploit mitigations such as ASLR, DEP/NX, stack canaries, CFI, and where their assumptions break down.
- Written research tooling, scripts, or frameworks (e.g., Python, C/C++) to support analysis, exploitation, or automation.
- Collaborated closely with other researchers, provided technical feedback, and influenced how work is approached or evaluated.
- Communicated complex technical concepts clearly in writing and discussion, including with other experts.
EVEN BETTER
- Experience with hypervisors, virtualization stacks, firmware boot chains, or trusted execution environments.
- Background in embedded systems, RTOS environments, or mobile platforms (iOS/Android).
- Familiarity with networking or wireless stacks (Wi-Fi, Bluetooth, cellular) and their security models.
- Contributions to the vulnerability research community (publications, talks, open source).
- Experience with symbolic execution, constraint solving, fuzzing frameworks, or advanced program analysis techniques.
- Malware analysis experience, including deobfuscation, behavioral analysis, or adversarial tooling.
- Interest in shaping long-term research direction, mentoring other researchers, or acting as a technical authority without moving into management.