Senior Vulnerability Researcher, Advisor
About The Position
We are seeking an experienced Vulnerability Researcher to support a highly sensitive government customer in Virginia. This role focuses on advanced vulnerability discovery and exploitation across software, hardware, and networked systems in support of mission-critical operational and analytic capabilities. The ideal candidate goes well beyond automated scanning and brings deep hands-on expertise in identifying, understanding, and exploiting complex security weaknesses relevant to national security and lawful collection missions. This is a highly technical role for researchers who thrive on solving hard problems and redefining the boundaries of vulnerability research. This role aligns closely with Computer Network Exploitation (CNE) and Computer Network Operations (CNO) mission sets and requires hands-on vulnerability discovery, reverse engineering, and exploit development beyond automated tools. The ideal candidate goes well beyond automated scanning and brings hands-on expertise in identifying, understanding, and exploiting complex security weaknesses relevant to national security and lawful collection missions.
Requirements
- BS/BA with 8+ years of relevant experience
- MS/MA with 6+ years of relevant experience
- PhD with 3+ years of relevant experience
- OR 12 years of relevant experience in lieu of a degree
- Demonstrated experience leading or contributing to complex technical efforts from inception through completion.
- Proven ability to consult with customers, define technical problems, analyze data, and recommend effective solutions.
- Experience providing technical guidance and detailed analysis in support of mission-critical challenges.
- Active TS/SCI security clearance is required; ability to obtain a polygraph.
Nice To Haves
- 10+ years of experience in vulnerability research, exploitation, or advanced security analysis is preferred.
- Demonstrated expertise in vulnerability discovery and exploitation beyond automated tools, including:
- Fuzzing techniques and exploit development
- Reverse engineering, debugging, and binary analysis
- Black-box and gray-box testing methodologies
- Web application vulnerability research
- Hardware and embedded systems security
- Hands-on experience with industry-standard tools and frameworks such as:
- IDA Pro, Ghidra
- x64DBG, WinDBG
- Wireshark, Scapy (Python)
- Burp Suite, OWASP frameworks
- Metasploit
- Strong programming and scripting skills in one or more of the following: C, C++, Python, Ruby, Go, Assembly.
- Deep understanding of computer science fundamentals, system internals, and network protocols.
- Exceptional analytical, problem-solving, and research skills with a passion for tackling complex technical challenges.
- Advanced certifications, specialized training, or equivalent hands-on experience may be considered in lieu of years of experience.
Responsibilities
- Conduct advanced vulnerability research to identify, analyze, and exploit weaknesses in host, mobile, web, and network-based systems.
- Perform hands-on testing using black-box and white-box methodologies to uncover previously unknown vulnerabilities.
- Develop proof-of-concept exploits and clearly document technical findings for operational, forensic, and analytic use cases.
- Apply reverse engineering, debugging, and binary analysis techniques to understand system behavior and root causes of vulnerabilities.
- Support the development and enhancement of technical capabilities addressing sophisticated threats from criminal and nation-state actors.
- Provide technical leadership and expert guidance on complex research efforts, contributing to project planning and execution.
- Communicate complex technical concepts and recommendations effectively to both technical and non-technical stakeholders.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
5,001-10,000 employees
