Exploit Researcher

Role summary :

A hands-on Exploit Researcher with ~2 years of real-world experience who finds, analyzes, and weaponizes vulnerabilities responsibly. You'll turn complex bugs into repeatable Proof- of- Concepts (PoCs), collaborate with product teams to get fixes shipped, and help level up our offensive tooling and incident response. We're looking for someone who moves fast, documents crisply, and treats responsible disclosure as a professional craft.

Key responsibilities

- Perform vulnerability discovery across binaries, services, mobile platforms (Android), and network protocols using reverse engineering, dynamic analysis and fuzzing.

- Develop stable, well-documented Proof- of- Concept exploits and test harnesses that demonstrate impact (RCE, privilege escalation, bypasses).

- Reverse engineer applications, firmware, and OS components (Windows, Linux, Android) to identify root causes and attack surfaces.

- Research and analyze malware behavior and persistence techniques to inform defensive controls and detection rules.

- Develop exploit chains for bugs and demonstrate practical exploitability (memory corruption, logic flaws, auth bypasses).

- Design and implement fuzzers, exploit chains, and automation to scale research efforts.

- Triage incoming vulnerability reports and reproduce findings accurately and quickly.

- Work with product/engineering teams to communicate root cause, risk, and mitigation strategies; validate fixes.

- Contribute to internal exploit framework, tooling, playbooks, and knowledge base focused on OS-level and mobile exploitation.

- Follow and drive responsible disclosure processes; prepare advisory drafts when required.

- Mentor junior researchers and participate in internal red-team exercises / purple-team engagements.

Must-have technical skills & experience :

- 2 years of hands-on experience in vulnerability research, exploit development, or offensive security.

- Strong reverse engineering skills - familiarity with IDA Pro, Ghidra, Binary Ninja or radare2.

- Proficient in low-level languages : C/C and scripting with Python (pwntools experience is a plus).

- Comfortable reading and reasoning about assembly (x86/x64; ARM a plus).

- Practical experience with fuzzing (AFL, libFuzzer, Peach, honggfuzz) and designing fuzz targets.

- Experience creating PoCs for memory-corruption (use-after-free, buffer overflow), logic bugs, or auth bypasses.

- Solid understanding of OS internals (Windows, Linux, Android), process memory layout, and exploitation primitives.

- Familiarity with common exploitation mitigations (ASLR, DEP/NX, stack canaries, Control Flow Guard) and bypass techniques.

- Experience in Android vulnerability research and mobile exploit development (app sandboxing, binder, native components).

- Experience analyzing malware and persistence mechanisms is a strong plus.

- Version control (Git), Linux command line, build systems, and debugging (gdb, WinDbg, lldb).

Nice-to-have :

- Kernel exploit development (Windows/Linux/Android) or hypervisor/firmware research.

- Prior bug bounty contributions, CVEs, or CTF wins (pwn/RE categories).

- Familiarity with container escape vectors, cloud service misconfigurations, or WebAssembly exploitation.

- Experience with exploit mitigation engineering or secure development lifecycle (SDL).

- Knowledge of formal vulnerability reporting standards (CVE, CVSS) and disclosure coordination.

Behavioural / soft skills :

- Clear, concise technical writing - able to produce reproducible PoC write-ups and remediation steps.

- Strong problem-solving, creativity, and persistence when debugging complex systems.

- Team player : collaborates across product, engineering, and security teams while maintaining professional disclosure ethics.

- High integrity and ownership over assigned findings and remediation lifecycle.