Senior Vulnerability Researcher (Cloud & Containers)

About The Position

Requirements

• An active Top Secret clearance.
• 7+ years of professional experience in vulnerability research, software exploitation, or low-level engineering.
• Expert-level proficiency in Go, Rust, and C/C++.
• Strong command of Python3 for scripting and automation of research tasks.
• Deep understanding of x86/ARM assembly and memory corruption primitives.
• Proven track record of finding vulnerabilities in distributed systems, virtualization layers, or container runtimes.
• Hands-on experience with disassembly and decompilation tools (e.g., IDA Pro, Ghidra, Binary Ninja) and debugging tools (GDB).
• Detailed understanding of Linux kernel internals, specifically namespaces, cgroups, and the container execution model.
• Experience with automated bug-hunting techniques, including fuzzing and symbolic/concolic execution.

Nice To Haves

• An active SCI clearance is highly desired.
• Experience with Kubernetes security architecture and service mesh implementations (Istio, Linkerd).
• Familiarity with hardware-assisted isolation technologies and TEEs (Trusted Execution Environments).
• Ability to build scalable security tooling and infrastructure to support analysis workflows in a team setting.
• Background in cloud provider security (AWS, Azure, or GCP) and underlying hypervisor technology.

Responsibilities

• Conduct deep-dive research into OCI runtimes (runc, crun) and Linux kernel primitives (namespaces, cgroups, eBPF) to identify breakout and privilege escalation paths.
• Perform static and dynamic analysis on compiled binaries (Go, Rust, C++) using IDA Pro, Ghidra, or Binary Ninja to map undocumented logic and potential security issues.
• Build and maintain custom fuzzing harnesses (e.g., AFL++, libFuzzer) to stress-test gRPC interfaces, service mesh components, and microservices.
• Utilize concolic execution tools (e.g., Angr, Manticore) to automate the discovery of complex execution paths and bypass security checks.
• Investigate edge-case behaviors in containerized environments and low-level system initialization logic to reveal hidden attack surfaces.
• Develop custom tools and scripts (primarily in Python3) to automate research workflows, protocol decoding, and memory analysis.
• Document findings clearly and translate technical complexity into actionable reports for security and engineering teams.

Benefits

• flexible time off benefit
• robust learning resources
• comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.