Advanced Vulnerability Researcher

We are hiring an advanced vulnerability researcher focused on uncovering and exploiting security flaws in modern mobile platforms and web browsers. This role is centered on low-level security research, reverse engineering, and exploit development against highly hardened systems.

The work involves deep technical investigation of software internals, identification of unknown vulnerabilities, and development of reliable exploit chains in real-world environments.

Responsibilities

• Research and discover security vulnerabilities in mobile operating systems and browser engines
• Perform detailed attack surface analysis across applications, system components, and services
• Conduct static and dynamic binary analysis to identify security weaknesses
• Reverse engineer binaries, firmware, and system components to understand internal behavior
• Develop proof-of-concept and production-grade exploits for discovered vulnerabilities
• Analyze, bypass, and evaluate modern security mitigations (sandboxing, ASLR, DEP, etc.)
• Use advanced debugging techniques to analyze crashes and trace root causes
• Document technical findings and exploitation methodologies in clear, detailed reports

Required Qualifications

• Strong expertise in C/C++ programming
• Solid understanding of ARM and/or x86 assembly language
• Proven experience in vulnerability research and exploit development (0day or equivalent)
• Deep knowledge of memory corruption vulnerabilities (stack, heap, use-after-free, etc.)
• Experience with reverse engineering tools such as IDA Pro, Ghidra, or equivalent
• Strong debugging skills using tools like gdb, lldb, or WinDbg
• Understanding of modern exploit mitigations and bypass techniques

Preferred Qualifications

• Experience developing exploits with minimal debugging or runtime visibility
• Strong understanding of mobile OS internals or browser architecture
• Broad knowledge of vulnerability classes and exploitation techniques
• History of published research, technical writeups, or conference presentations
• Demonstrated CVEs, bug bounty findings, or production-level exploit development work

Job Type: Full-time

Experience:

• SoC Exploit: 4 years (Required)
• ARM: 4 years (Required)
• Reverse Engineering: 8 years (Required)

Work Location: Remote