Security Researcher

Security Researcher (Defensive Vulnerability Research & Reverse Engineering)

Overview

We are looking for a skilled Defensive Vulnerability Researcher to join our top-tier security team. You’ll identify and analyze vulnerabilities across software, firmware, and embedded systems using advanced reverse engineering. The role includes developing tools and automation to support vulnerability research, static and dynamic analysis, and custom testing techniques. You’ll collaborate closely with team, contribute to innovative research, and drive real-world impact in critical infrastructure security.

Role & Responsibilities

• Defensive Vulnerability Research - Identify and analyze software and hardware flaws through reverse engineering of binaries, firmware, and applications (Windows, Linux, Embedded).
• Root-Cause & Mitigation - Conduct vulnerability discovery, triage, and exploit analysis; propose mitigations and secure design improvements.
• Tooling & Automation - Build tools and scripts to streamline vulnerability research, static/dynamic analysis, and fuzzing workflows.
• Secure Design Review - Evaluate codebases and architectures for security weaknesses; collaborate with engineering teams to harden systems.
• Disclosure & Collaboration - Support coordinated disclosure processes with vendors and document findings in detailed technical reports.
• Research & Innovation - Explore new techniques in reverse engineering, vulnerability discovery, and exploit mitigation.
• Team & Impact - Work alongside a world-class research team on advanced and impactful defensive security projects.
• Independence & Creativity - Pursue independent vulnerability research and disclosure initiatives that contribute to global security resilience.

Requirements

• 5+ years experience in vulnerability research and exploitation (Hands-On).
• 5+ years experience in reverse engineering using tools such as IDA Pro, Ghidra, or Binary Ninja (Hands-On).
• Strong programming and scripting experience (C/C++, Python, or equivalent).
• Familiarity with modern OS internals (Windows and/or Linux).
• Ability to work within a team while leading complex research missions.

Nice to Have

• Prior contributions to security research publications or CVEs.
• Experience with fuzzing frameworks (AFL, libFuzzer, Honggfuzz).
• Familiarity with secure software development practices and code auditing.
• Knowledge of embedded systems or mobile platform security.