Apply on Employer Site

Peraton · 1 day ago

Senior Vulnerability Researcher, Advisor

US-VA-Chantilly

Full-time

Onsite

Senior Level

$135K/yr - $216K/yr

6+ years exp

Peraton is a next-generation national security company that drives missions of consequence spanning the globe. They are seeking an experienced Vulnerability Researcher to support a highly sensitive government customer in Virginia, focusing on advanced vulnerability discovery and exploitation across software, hardware, and networked systems.

Information TechnologyRobotics

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Conduct advanced vulnerability research to identify, analyze, and exploit weaknesses in host, mobile, web, and network-based systems

Perform hands-on testing using black-box and white-box methodologies to uncover previously unknown vulnerabilities

Develop proof-of-concept exploits and clearly document technical findings for operational, forensic, and analytic use cases

Apply reverse engineering, debugging, and binary analysis techniques to understand system behavior and root causes of vulnerabilities

Support the development and enhancement of technical capabilities addressing sophisticated threats from criminal and nation-state actors

Provide technical leadership and expert guidance on complex research efforts, contributing to project planning and execution

Communicate complex technical concepts and recommendations effectively to both technical and non-technical stakeholders

Qualification

Vulnerability discoveryExploit developmentReverse engineeringBinary analysisFuzzing techniquesBlack-box testingWeb application securityNetwork protocolsProgramming in PythonAnalytical skillsProblem-solving skillsTechnical leadership

Required

BS/BA with 8+ years of relevant experience

MS/MA with 6+ years of relevant experience

PhD with 3+ years of relevant experience

OR 12 years of relevant experience in lieu of a degree

Demonstrated experience leading or contributing to complex technical efforts from inception through completion

Proven ability to consult with customers, define technical problems, analyze data, and recommend effective solutions

Experience providing technical guidance and detailed analysis in support of mission-critical challenges

Active TS/SCI security clearance is required; ability to obtain a polygraph

Preferred

10+ years of experience in vulnerability research, exploitation, or advanced security analysis is preferred

Demonstrated expertise in vulnerability discovery and exploitation beyond automated tools, including: Fuzzing techniques and exploit development, Reverse engineering, debugging, and binary analysis, Black-box and gray-box testing methodologies, Web application vulnerability research, Hardware and embedded systems security

Hands-on experience with industry-standard tools and frameworks such as: IDA Pro, Ghidra, x64DBG, WinDBG, Wireshark, Scapy (Python), Burp Suite, OWASP frameworks, Metasploit

Strong programming and scripting skills in one or more of the following: C, C++, Python, Ruby, Go, Assembly

Deep understanding of computer science fundamentals, system internals, and network protocols

Exceptional analytical, problem-solving, and research skills with a passion for tackling complex technical challenges

Advanced certifications, specialized training, or equivalent hands-on experience may be considered in lieu of years of experience