Vulnerability & Exploitation Specialist
About The Position
Our team conducts Vulnerability Research and Reverse Engineering in a rapid prototyping, R&D environment. On this highly-visible program, you can get your hands dirty with a wide variety of tools and systems and get a chance to do some of the really cool things that can be done with a CNO skill set. The project consists of small teams working closely with customers to respond to specific mission needs, create new tools and techniques, and address ongoing challenges. This work is very hands-on, and the culture supports developing talent and letting smart people grow and tackle real-world challenges in a flexible, fun environment. On this project you could work with C/C++, Python, Assembly (x86/x64), Java, mobile OS's, windows, linux, RE and debugging tools, and more. Work on this program takes place in both customer and contractors SCIFs in the Annapolis Junction, MD area (we cannot support remote work) and requires a TS/SCI + Poly clearance (acceptable to this customer). GRVTY is seeking a Vulnerability & Exploitation Specialist with a TS/SCI + Poly clearance (applicable to this customer) to join one of our top projects in Annapolis Junction, MD. We are looking for candidates who have discovered a 0-day vulnerabilities or a list of CVEs (public vulnerability disclosures) they discovered or contributed to. We are also looking for any specific work they’ve done exploiting vulnerabilities.
Requirements
- Active TS/SCI with Polygraph Clearance
- 0-day vulnerabilities or CVEs discovered and attributed to themselves
- History performing vulnerability research
- Experience with writing or using fuzzers – AFL, LibFuzzer, ClusterFuzz, oss-fuzz
- Experience with code analysis tools – CodeQL, Joern, Semgrep
- History of exploiting or productizing 0-day vulnerabilities
- History of exploiting or productizing n-day vulnerabilities/CVEs/publicly disclosed vulnerabilities
- History of reverse engineering malware or other code for CNE purposes
- Experience with reverse engineering tools – Ghidra, Ida Pro, Binary Ninja Experience using debuggers – GDB or WinDbg
- Experience writing, navigating, and building C/C++ code
- Experience with tools like VsCode, Visual Studio, VIM/Emacs
- Familiarity with ARM or MIPS architectures and Linux variants
- We also use Python to write a lot of our tools, so that is good to see
Benefits
- Robust health plan including medical, dental, and vision
- Health Savings Account with company contribution
- Annual Paid Time Off and Paid Holidays
- Paid Parental Leave
- 401k with generous company match
- Training and Development Opportunities
- Award Programs
- Variety of Company Sponsored Events
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
