Senior Exploit Developer (US - Remote)

About The Position

Requirements

• Prior experience with exploit development for RCE / initial access vulnerabilities (that do not require authentication to exploit)
• Comfort with reverse engineering and patch diffing
• Experience with Git-based project development
• Experience working on technical projects remotely, alone, and on small teams

Nice To Haves

• Prior cybersecurity work experience (at a vendor or in government)
• Ability to share example exploit code written
• Some experience with programming / software development is helpful
• Experience writing technical blogs and/or giving conference talks is a big plus

Responsibilities

• Reverse engineering software to discover the root cause of both zero-day and n-day vulnerabilities
• Writing original software exploits for initial access vulnerabilities using VulnCheck’s open-source go-exploit framework, including when there are no public PoCs or vulnerability details
• Implementing detections (such as Suricata & Snort signatures, YARA rules, etc.) that accurately identify initial access vulnerabilities being exploited on the wire
• Writing Attack Surface Management (ASM) queries (e.g., Shodan, Census, FOFA, & ZoomEye) to find vulnerable systems likely to be targeted
• Contributing to technical blogs and/or conference talks (optional) on exploit development and attack trends

Benefits

• Competitive salary with employee equity program
• Health, dental, and vision coverage
• Unlimited PTO + All federal holidays observed
• 401(k) program - 100% match on the first 3%, then 50% of the next 3-5% of compensation
• Short and long-term disability coverage
• Remote friendly environment with flexibility
• Expense reimbursement for home internet and phone
• Ongoing professional development, coaching, and learning resources
• Opportunities for career advancement within a fast-growing team