Cromulence is looking for a Senior Vulnerability Researcher to support advanced research and development contracts and advance our nation's cybersecurity capabilities with cutting-edge research and tools. Successful candidate will be capable of working independently or side-by-side within a team structure to develop and deliver successful program capabilities.
At Cromulence, a Senior Vulnerability Researcher is expected to:
- Lead teams of engineers, data analysts and developers to understand customer problems in multiple domains and apply instrumentation and automation to solve those problems.
- Provide oversight and mentorship to junior engineers, growing the next generation all the while setting the example for what to aspire to.
- Manage customer relationships across programs, ensuring deliverables and milestones are met on time and in-line with user needs.
Required Skills:
- 8+ years of relevant work experience with experience leading teams
- Reverse engineering across various architectures and platforms; including x86/64, ARM, MIPS, etc.
- Experience with disassemblers (IDA Pro, Binary Ninja, or Ghidra), common exploitation countermeasures (DEP, ASLR, etc.), & countermeasure defeats (ROP programming)
- Experience researching operating system and applications to understand strengths and weaknesses in the design and implementation
- Modeling of in-memory compiled application behavior
- Ability to use a scripting language (Python, etc.), software development using C or C++ and with RTOS
- A current U.S. government security clearance is required. Qualified applicants may be subject to a security investigation and must meet minimum qualifications for access to classified information. As a result, U.S. Citizenship is required for this role. Applicants may be subject to additional security requirements.
Bonus skills:
- Experience with software protection and binary analysis
- Familiarity with modern exploitation techniques, tools, and methodologies
- Experience with hypervisors
- Malware analysis
- Ability to analyze network protocols throughout all layers of the network stack
- Background in software engineering and architecture
- Understanding and/or development of kernel modules
Security Clearance:
- A current U.S. government security clearance is required. Qualified applicants may be subject to a security investigation and must meet minimum qualifications for access to classified information. As a result, U.S. Citizenship is required for this role. Applicants may be subject to additional security requirements.
Benefits:
A successful company begins with happy employees. Cromulence takes our company culture seriously and works hard to maintain an atmosphere that rewards people for getting the best results. What we offer to all our employees:
- Extremely competitive base salary and bonuses
- Full benefits: Medical, Dental, Vision, STD, LTD, 4 weeks of paid parental leave (all 100% paid for by Cromulence)
- 401 (K) with a hefty company matching program
- 4 weeks of Paid time off (PTO)
- 11 paid holidays
- Flexible work hours and remote work when possible
- Continuing education benefits
- Additional perks like company retreats, DEF CON trips, well-stocked kitchens & breakrooms, a sweet historic downtown office, and more!
Cromulence is a growing cybersecurity company located in historic downtown Melbourne, Florida. We specialize in Computer Network Operations Tools, Cybersecurity Competitions, advanced Program Analysis Research & Development, and Vulnerability Research.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected.