Vulnerability Researchers

Vulnerability Researchers

Cheltenham 

Need to be eligible for BPSS/SC clearance

My client based in Cheltenham deliver high-end security research and bespoke solutions and are on the look out for experienced Vulnerability Researchers. The salary for these roles will depend on your experience (£32,000 – £90,000 salary bracket) and we are ideally looking for someone at a more senior level however, we are open to all levels of ability to if you feel the below information is of interest, please reach out.

The Role

We are looking for experienced candidates with a proven track record in bug hunting and/or reverse engineering to join our Vulnerability Research team. We deliver bespoke and innovative solutions which enable the operational needs of our clients. Our team is highly experienced, deeply technical and has a rich history of blending rapid prototyping, security research and software engineering skills.
Our focus is the security of mobile and embedded technologies (although we do occasionally branch out). Our research team use Ghidra as our tool of choice for reverse engineering and produce proof of concepts in the most suitable language for the project which could be C, C++, Python or assembly code. The role requires an inquisitive mindset and enthusiasm for solving difficult research tasks.

As part of our team, you will be tackling a wide range of challenging problems. Typical tasks might include:
• Developing a deep understanding of how Android mobile devices work, from applications to kernel
• Reverse engineering proprietary binaries using your knowledge of ARM, ARM64, and MIPS.
• Auditing C and C++ source code, spotting security flaws that others haven’t
• Growing the team’s capabilities by developing novel tools and techniques to enable cutting-edge vulnerability research
• Working in tandem with other hugely talented vulnerability researchers and software engineers
• Designing and producing niche solutions with immediate real-world impact.

An ideal candidate will also possess:
• A passion for cyber security
• A genuine interest in bug hunting and familiarity with recent vulnerabilities
• A desired to solve difficult and complex problems
• A willingness to share their knowledge with others and work closely with team members

We are currently recruiting experienced consultants. The role will require skills and experience in the areas listed below as well as the ability to lead technical projects:
• Reverse engineering in IDA Pro or Ghidra
• Familiarity with one or more of ARM, AARCH64, x86, x64
• Knowledge of bug hunting / vulnerability research
• Ethical hacking, including familiarity with web/network technologies
• Knowledge of exploitation techniques and mitigations
• Experience and knowledge of Linux and its internals
• Experience and knowledge of Android or iOS and its internals
• A decent understanding of the C or C++ language