Senior Vulnerability Researcher
About The Position
KBR is seeking a Senior Vulnerability Researcher to lead vulnerability discovery and validation against embedded systems and firmware. This role owns end‑to-end vulnerability research: building emulation-backed test environments, designing fuzzing and analysis workflows, performing crash triage and root-cause analysis, and developing proof‑of-concept exploits to validate impact in a controlled lab setting. The Senior Vulnerability Researcher provides technical leadership, mentors engineers into defined proficiencies, and works directly with government customers to deliver reproducible findings and scalable research capability.
Requirements
- Security Clearance: Must have an active U.S. government Secret security clearance, which is something only a U.S. citizen can obtain
- Education: Master’s degree in Computer Engineering, Electrical Engineering, Computer Science, or a related field
- 10+ years of experience, including at least 5 years in vulnerability research, reverse engineering, or exploit development
- Strong understanding of embedded systems, firmware, operating systems, and low-level software behavior
- Proficiency in C/C++, Python, and assembly for vulnerability research, harness development, and automation
- Experience building emulation-backed analysis environments
- Demonstrated experience with coverage-guided fuzzing, harness development, and crash triage workflows
- Demonstrated ability to produce proof‑of-concept exploits for vulnerability validation
- Demonstrated leadership, mentorship, and customer engagement experience
Nice To Haves
- Experience with hybrid fuzzing and advanced analysis techniques
- Experience scaling fuzzing or dynamic testing programs
- Experience with hardware security research
- Publications, reports, or presentations in vulnerability research or embedded security
Responsibilities
- Lead and mentor vulnerability researchers; set technical direction and intentionally develop individual proficiencies
- Execute vulnerability research on embedded targets using asset‑safe approaches
- Build and maintain fuzzing pipelines, including target selection, harness development, seed/corpus management, and coverage-driven campaign design
- Perform crash triage, exploitability assessment, and root-cause analysis
- Develop proof‑of-concept exploits to demonstrate vulnerability impact in controlled labs
- Create controlled test harnesses and orchestration to exercise payload delivery and validate behavior deterministically across runs
- Reverse engineer firmware/binaries as needed to understand vulnerable code paths, exploitation constraints, and exploit mechanics
- Engage customers to understand mission outcomes and shape scalable research approaches
- Produce high-quality technical reports and supporting artifacts suitable for release
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
