Cleared Vulnerability Research Engineer

About The Position

Requirements

• Expertise in reverse engineering of binaries (x86-64, ARM64, etc) using tools such as Binary Ninja, Ghidra, or IDA Pro.
• Precise understanding of stack and heap objects and exploit-relevant vulnerabilities (e.g., Use-after-free, Type confusion, Integer truncation, Buffer overflow).
• Demonstrated ability to discover new vulnerabilities, not just exploit known ones.
• Experience with both manual analysis and automated techniques (e.g., fuzzing).
• Ability to code and debug C, Python, and Assembly (x86-64, ARM, etc).
• Ability to independently translate an under defined mission objective into a concrete, technically novel capability.
• Comfort operating with minimal supervision.
• TS/SCI clearance required (inactive SCI acceptable if SCI-clearable).
• Ability to travel to customer sites as required.

Responsibilities

• Design, develop, and validate novel vulnerability discovery and exploitation capabilities.
• Conduct expert reverse engineering of binaries (x86-64, ARM64, etc.) using industry-standard tools.
• Identify and exploit real-world vulnerabilities such as Use-after-free, Type confusion, Integer truncation, and Buffer overflow.
• Demonstrate ability to discover new, novel vulnerabilities in complex systems.
• Rapidly understand current vulnerability research and apply findings to identify new instances of vulnerability classes.
• Employ both manual analysis and automated techniques (e.g., fuzzing) for vulnerability discovery.
• Code and debug complex functions in C, Python, and Assembly (x86-64, ARM, etc.).
• Independently manage and execute research objectives, including scoping, research, experimentation, validation, and iteration.
• Travel to customer sites as required.
• Perform on-site for extended periods of time.