top of page

Senior Vulnerability Researcher

Annapolis Junction, MD, USA

Job Type

Full Time

Workspace

On-site at customer SCIF

About the Role

Stackpiercer Labs is seeking a skilled and motivated vulnerability researcher with an active TS/SCI clearance and full-scope polygraph (preferred) or CI poly with sufficient experience (min 5+ years of combined VR or exploit dev). This role invites career-oriented researchers and exploit developers to team with industry experts tackling the industry’s hardest problems. This position presents the opportunity to engineer tangible contributions to mission-critical tasks, discover new vulnerabilities in widely used software, and guide the development process of turning those vulnerabilities into working exploits.

Requirements

Required Skills
  • Forensic familiarity in one of the following platforms: Windows, Linux//Unix, Android

  • Proficiency in C/C++ and Python

  • Proficiency with assembly (x86/x64/arm/aarch64)

  • Familiarity with modern software engineering practices (Scrum, Agile etc.)

  • Expert knowledge of cyber security systems, including networking, kernels, security subsystems (DEP, ASLR, ROP), etc.

  • Fundamental understanding of Vulnerability Research concepts (fuzzing, static analysis, dynamic analysis)

Desired Skills
  • Ability to coordinate with customers, interpret and negotiate requirements, and communicate effectively with product stakeholders

  • Proficiency with modern vulnerability discovery and analysis toolkits, such as mutation, evolutionary, and taint fuzzers, instrumentation based fuzzing, and symbolic or solver-based fuzzing

  • Proficiency in a wide variety of real-world vulnerability development, such as the creation of PoCs of RCEs, LPEs, sandbox escapes, kernel security defeats, etc.

  • Advanced proficiency in Reverse Engineering and associated toolkits (Ghidra, IDA, Binary Ninja)

  • Advanced proficiency in application and kernel debugging, and associated toolkits (Windbg, gdb, etc)

  • Familiarity with taking proofs of concept and productizing them into working exploits

  • Familiarity with advanced Vulnerability Research topics such as symbolic execution, concolic execution, and automated tooling to conduct static analysis.

About the Company

Stackpiercer Labs is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Application
Active Security Clearance

Submission Successful

bottom of page