Senior Exploit Developer
VulnCheck
full-time
Posted on:
Location Type: Remote
Location: Maryland • Massachusetts • United States
Visit company websiteExplore more
Job Level
Tech Stack
About the role
- Reverse engineering software to discover the root cause of both zero-day and n-day vulnerabilities
- Writing original software exploits for initial access vulnerabilities using VulnCheck’s open-source go-exploit framework, including when there are no public PoCs or vulnerability details
- Implementing detections (such as Suricata & Snort signatures, YARA rules, etc.) that accurately identify initial access vulnerabilities being exploited on the wire
- Writing Attack Surface Management (ASM) queries (e.g., Shodan, Census, FOFA, & ZoomEye) to find vulnerable systems likely to be targeted
- Contributing to technical blogs and/or conference talks (optional) on exploit development and attack trends
Requirements
- Prior experience with exploit development for RCE / initial access vulnerabilities (that do not require authentication to exploit)
- Comfort with reverse engineering and patch diffing
- Experience with Git-based project development
- Experience working on technical projects remotely, alone, and on small teams
- Prior cybersecurity work experience (at a vendor or in government) (preferred)
- Ability to share example exploit code written (preferred)
- Some experience with programming / software development is helpful (preferred)
- Experience writing technical blogs and/or giving conference talks is a big plus (preferred)
Benefits
- Competitive salary with employee equity program
- Health, dental, and vision coverage
- Unlimited PTO + All federal holidays observed
- 401(k) program - 100% match on the first 3%, then 50% of the next 3-5% of compensation
- Short and long-term disability coverage
- Remote friendly environment with flexibility
- Expense reimbursement for home internet and phone
- Ongoing professional development, coaching, and learning resources
- Opportunities for career advancement within a fast-growing team
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
exploit developmentreverse engineeringpatch diffinginitial access vulnerabilitiesRCE vulnerabilitieswriting software exploitsAttack Surface Management queriesVulnCheckSuricataSnort
Soft Skills
ability to work remotelyindependent workteam collaborationtechnical writingpublic speaking