About This Role
We are seeking a talented Vulnerability Researcher or Exploit Engineer to join our security research team. This role focuses on discovering, analyzing, and demonstrating vulnerabilities in mobile platforms (Android, i OS) and desktop operating systems (Windows). You will contribute to the development of advanced security capabilities while working with cutting‑edge tools and techniques in vulnerability research, reverse engineering, and exploitation. Successful candidates will have demonstrable expertise in at least one of our target platforms and a strong foundation in security principles.
Core Responsibilities Conduct security research on mobile (Android, i OS) and desktop (Windows) platforms to identify novel vulnerabilities and attack surfaces
Develop proof‑of‑concept exploits and technical demonstrations of discovered vulnerabilities
Perform reverse engineering and binary analysis on platform code and third‑party applications
Analyze platform architecture, system libraries, and kernel components to understand security mechanisms
Document findings with technical depth, including vulnerability chain analysis and impact assessment
Contribute to the development of automated tools and frameworks for vulnerability discovery and exploitation
Collaborate with cross‑functional teams to understand customer requirements and technical constraints
Stay current with platform updates, security patches, and emerging vulnerability classes Qualifications
Required
Hands‑on experience with at least one of the following platforms: Android, i OS, or Windows
Strong understanding of operating system internals (kernel architecture, process management, memory management, IPC mechanisms)
Proficiency in reverse engineering tools and techniques (debuggers, disassemblers, binary instrumentation)
Experience with one or more programming/scripting languages (C, C++, Python, Java Script, Java, or assembly)
Familiarity with common vulnerability classes and exploitation techniques (memory corruption, logic flaws, permission bypass, etc.)
Ability to communicate technical findings clearly in writing and through presentations
Experience working in a security‑conscious environment with proper handling of sensitive vulnerability information
US citizen with ability to obtain government security clearance Preferred
Published security research, public vulnerability disclosures, or relevant conference presentations
Experience with mobile platform instrumentation and debugging (Frida, lldb, Android Studio debugger)
Expertise in wireless communications, messaging protocols (SMS, RCS, IMS), or network‑level attack vectors
Proficiency with firmware analysis and hardware security concepts
Experience with malware analysis and threat research
Background in threat modeling and security architecture assessment
Experience developing automation tools for security research (test harnesses, instrumentation frameworks)
Current TS/SCI security clearance Who Thrives in This Role Comfort in chaos — you do your best work when requirements are incomplete, the environment is unfamiliar, and the answer is not obvious
Customer obsession with an engineering backbone — you care deeply about outcomes, and you have the technical depth to deliver them
Intellectual honesty — you tell customers and colleagues what is true, including when the honest answer is uncomfortable or inconvenient
Bias toward action — you make informed decisions quickly, execute, and adjust; paralysis under ambiguity is not in your vocabulary
Extreme ownership — you follow problems all the way to resolution, never stopping at the handoff
Builder instinct — when something does not exist that should exist, you build it; when something is broken, you fix it rather than file a ticket about it
Restless curiosity — you go deep on customer domains, not just your own product, because you understand that credibility is built on comprehension
Clear, confident communication — you can hold your own in a boardroom and equally in a terminal window; you adjust register without losing substance #J-18808-Ljbffr