Vulnerability Researcher, Senior (TS/SCI w/Poly)

Ready for a challenge that will keep you on the edge of cybersecurity? Are you an experienced vulnerability researcher and reverse engineer who thrives in a fast-paced environment working with a collaborative team?

If so, then apply today and be part of a team that supports the United States Cyber Command (USCC), where you will have a significant impact on the mission. Join our team of best-in-industry cyber warriors dedicated to providing superior service in support of national defense objectives.

What You'll Be Doing:

• Conduct advanced vulnerability research and reverse engineering on target software and hardware systems to identify exploitable weaknesses for cyberspace capability development.

• Perform technical analysis of target platforms, including discovery of zero-day vulnerabilities through fuzzing and code analysis.

• Reverse engineer software applications, firmware, and hardware components using disassemblers, debuggers, and binary analysis tools.

• Perform vulnerability discovery through automated fuzzing, manual code review, and dynamic/static analysis techniques.

• Develop proof-of-concept exploits to validate vulnerability findings and assess operational utility.

• Analyze target system architectures, protocols, and security mechanisms to identify attack surfaces and weakness patterns.

• Document vulnerability technical details, exploitation methodology, and recommended capability development approaches.

• Provide technical intelligence briefs to capability developers on target system weaknesses and exploitation pathways.

• Collaborate with capability development teams to translate vulnerability research into operational tools.

• Maintain awareness of public vulnerability disclosures, exploit techniques, and adversary tradecraft relevant to target systems.

• Conduct limited TDY travel as mission requires.

Minimum Qualifications:

• Active TS/SCI with Poly

• Bachelor’s degree in related technical field and 8+ years of related professional experience - or - Master's degree and 5+ years of related professional experience

• 3+ years conducting vulnerability research, reverse engineering, or exploit development

• Expert proficiency with disassemblers/decompilers (IDA Pro, Ghidra, Binary Ninja)

• Strong understanding of x86/x64/ARM assembly language and processor architectures

• Practical experience with debuggers (WinDbg, GDB, LLDB) and dynamic analysis tools

• Demonstrated capability discovering vulnerabilities in compiled software (C/C++/Rust applications)

• Understanding of common vulnerability classes (memory corruption, logic flaws, race conditions)

• Proficiency with fuzzing frameworks (AFL, libFuzzer, Honggfuzz) and corpus management

• Strong scripting skills (Python, Ruby, or similar) for automation and analysis

• Experience documenting technical research for both technical and operational audiences

Preferred Qualifications:

• Experience with Windows kernel/driver reverse engineering

• Firmware analysis and embedded systems reverse engineering

• Network protocol analysis and vulnerability research

• Experience with UEFI/BIOS or bootloader security analysis

• Published vulnerability research (CVEs, conference presentations, blog posts)

• Familiarity with symbolic execution and taint analysis tools

• Understanding of offensive cyberspace operations workflows