Vulnerability Researcher, Senior Associate
About The Position
We are seeking multiple Vulnerability Researchers to support a highly sensitive government customer in Virginia. This role focuses on advanced vulnerability discovery and exploitation across software, hardware, and networked systems in support of mission-critical operational and analytic capabilities. The ideal candidate brings hands-on expertise in identifying, understanding, and exploiting complex security weaknesses relevant to national security and lawful collection missions. This is a highly technical role for researchers who thrive on solving hard problems and redefining the boundaries of vulnerability research. This role aligns closely with Computer Network Exploitation (CNE) and Computer Network Operations (CNO) mission sets and requires hands-on vulnerability discovery, reverse engineering, and exploit development beyond automated tools. The ideal candidate goes beyond automated scanning, brings hands-on expertise in identifying, understanding, and exploiting complex security weaknesses relevant to national security and lawful collection missions.
Requirements
- BS/BA with 2+ years of relevant experience or 6 years with no degree
- Advanced certifications, specialized training, or equivalent hands-on experience may be considered in lieu of years of experience.
- Experience with vulnerability research, exploitation development, or advanced security analysis
- Knowledge of exploitation techniques
- Experience in writing exploits in one or more of the following: C, C++, Python and Ruby
- Active TS/SCI security clearance is required; ability to obtain a polygraph.
Nice To Haves
- Experience with vulnerability discovery and exploitation beyond automated tools, including:
- Fuzzing techniques and exploit development
- Reverse engineering, debugging, and binary analysis
- Black-box, gray-box and white-box testing methodologies
- Web application vulnerability research
- Hardware and embedded systems security
- Experience with industry-standard tools and frameworks such as:
- IDA Pro, Ghidra
- x64DBG, WinDBG
- Wireshark, Scapy (Python)
- Burp Suite, OWASP frameworks
- Metasploit
- Understanding of computer science fundamentals, system internals, and network protocols.
- Analytical, problem-solving, and research skills with a passion for tackling complex technical challenges.
- Ability to contribute to complex technical efforts from inception through completion.
- Ability to consult with customers, define technical problems, analyze data, and recommend effective solutions.
- Experience providing technical guidance and detailed analysis in support of mission-critical challenges.
Responsibilities
- Conduct advanced vulnerability research to identify, analyze, and exploit weaknesses in host, mobile, web, and network-based systems.
- Perform hands-on testing using black-box, white-box and grey-box methodologies to uncover previously unknown vulnerabilities.
- Develop proof-of-concept exploits and clearly document technical findings for operational, forensic, and analytic use cases.
- Apply reverse engineering, debugging, and binary analysis techniques to understand system behavior and root causes of vulnerabilities.
- Support the development and enhancement of technical capabilities addressing sophisticated threats from criminal and nation-state actors.
- Provide technical leadership and expert guidance on complex research efforts, contributing to project planning and execution.
- Communicate complex technical concepts and recommendations effectively to both technical and non-technical stakeholders.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
