Job Search and Career Advice Platform

Enable job alerts via email!

Senior Vulnerability Researcher

National Physical Laboratory

Birmingham

Hybrid

GBP 40,000 - 60,000

Full time

Today
Be an early applicant

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Job summary

A leading research laboratory in the UK is looking for Vulnerability Researchers to join a dedicated team focused on tackling significant cyber threats. This role involves establishing a cutting-edge security facility and contributing to national security. Ideal candidates will possess skills in vulnerability research, exploitation techniques, and software understanding. Flexibility in working hours is provided, and SC clearance is required. Benefits include a balanced work-life schedule.

Qualifications

  • Experience in vulnerability research roles and organizations.
  • Aptitude for vulnerability research.
  • Passion for pushing systems to their limits.
  • Deep understanding of development lifecycles.
  • Knowledge of cryptographic algorithms.
  • Familiarity with data structures and distributed systems.
  • Understanding of network protocols.
  • Experience with memory corruption vulnerabilities.
  • Knowledge of embedded systems and OS techniques.
  • Understanding of Linux internals.
  • Practical application of exploitation tools.
  • Experience with reverse engineering.
  • Familiarity with debugging tools like GDB.

Responsibilities

  • Join a small team of Vulnerability Researchers tackling cyber problems.
  • Help establish an industry-leading security facility.
  • Conduct vulnerability research with a national security focus.

Skills

Experience in multiple VR roles and / or organisations.
Interest and aptitude for vulnerability research.
Passion for understanding how things work.
Deep understanding of hardware and software development lifecycles.
Applied knowledge of cryptographic algorithms.
Knowledge of data structures and distributed systems.
Understanding of network protocols.
Experience leveraging vulnerabilities like memory corruption bugs.
Knowledge of embedded systems and OS.
Knowledge of Linux OS internals.
Practical knowledge of white-hat exploitation tools.
Reverse engineering experience.
Experience using debuggers like GDB.

Tools

IDA Pro
Ghidra
GDB
Job description

About the Role

This role will be part of a small team of Vulnerability Researchers, tackling some of the most interesting cyber problems with a meaningful and tangible impact on the national security of the UK. You will be instrumental in standing up an industry-leading security facility.

Successful Applicants must be able to commute to the UKTL offices in Birmingham at least twice a week We strive to offer a great work life balance - if you are looking for full time, part time or flexible options, we will try to make this work where business possible. This will be dependent on the kind of role you do and part of the business you work in. About You

  • Experience in multiple VR roles and / or organisations.
  • An interest and aptitude for vulnerability research (either from a professional background or by demonstrating an aptitude).
  • A passion for understanding how things work, testing them, pushing them to their limits, and finding security issues in them.
  • A deep understanding of hardware and software development lifecycles and their impact on security practices.
  • Applied knowledge of cryptographic algorithms and their uses (encryption, authentication, signatures, etc).
  • Knowledge of data structures, distributed systems, virtualisation and containerisation technologies.
  • A deep understanding of network protocols and how software works from assembly through to interpreted languages, and everything in between.
  • Experience of leveraging vulnerabilities such as memory corruption bugs (stack / heap / integer overflows, format strings), and techniques to bypass common security protections ( NX, stack canaries, heap protection, ASLR, etc.)
  • Knowledge and experience of embedded systems and operating systems, and hardware techniques for prototyping and debugging these.
  • Knowledge of Linux OS internals. Ability to self-learn any language, given appropriate resources to study and practice.
  • Practical knowledge of common white-hat exploitation toolsets and techniques for common flaws in low-level software, as well as web platforms ( SQL injection, XSS, CSRF, SSRF, upload / download abuse, RCE).
  • Reverse engineering experience ( IDA Pro, Ghidra).
  • Experience using debuggers such as GDB.

We actively recruit citizens of all backgrounds, but the nature of our work in this specific area means that nationality, residency and security requirements are more tightly defined than others. To work in this role, you will need to haveanSC clearance withno restrictions, or you musthave the abilityto obtainanSC clearance.

Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
TrustpilotImage showing a rating of 4.5 out of 5 stars on Trustpilot for JobLeads, indicating a high level of customer satisfaction.
Rated “Excellent” based on 19,237 reviews
Top cities
Top companies
Popular jobs