Bugcrowd
Cleared Vulnerability Research Engineer
Remote - Alabama, Massachusetts, or Pennsylvania (Remote)midAdded 2 days ago
About this role
Bugcrowd seeks a cleared vulnerability research engineer to develop novel exploit capabilities and discover vulnerabilities in complex software systems. The role involves end-to-end exploit development, reverse engineering, and autonomous research execution, requiring TS/SCI clearance and willingness to travel to customer sites.
What you'll do
- Design and develop novel vulnerability discovery and exploitation capabilities against real-world targets
- Conduct reverse engineering of binaries across multiple architectures using industry tools
- Identify and exploit vulnerabilities such as use-after-free, type confusion, and buffer overflow
- Discover new vulnerabilities through manual analysis and automated techniques like fuzzing
- Independently manage research objectives from scoping through validation and iteration
- Travel to and perform extended on-site work at customer locations
What they're looking for
- Reverse engineering (Binary Ninja, Ghidra, IDA Pro)
- Exploit development and binary analysis
- C, Python, and Assembly language (x86-64, ARM)
- Vulnerability discovery and research
- Stack and heap memory exploitation
- Fuzzing and automated vulnerability analysis
- Autonomous research and problem-solving
- TS/SCI security clearance
Benefits
- Base salary range $154,800 - $193,500
- Discretionary bonus program eligibility
- Remote work with flexible location options
- Work in cutting-edge vulnerability research
Opens the official application on the employer’s site. No login required.