Vulnerability Researcher, Senior Associate

Program Overview

About The Role

We are seeking multiple Vulnerability Researchers to support a highly sensitive government customer in Virginia. This role focuses on advanced vulnerability discovery and exploitation across software, hardware, and networked systems in support of mission-critical operational and analytic capabilities.

The ideal candidate brings hands-on expertise in identifying, understanding, and exploiting complex security weaknesses relevant to national security and lawful collection missions. This is a highly technical role for researchers who thrive on solving hard problems and redefining the boundaries of vulnerability research.

This role aligns closely with Computer Network Exploitation (CNE) and Computer Network Operations (CNO) mission sets and requires hands-on vulnerability discovery, reverse engineering, and exploit development beyond automated tools. The ideal candidate goes beyond automated scanning, brings hands-on expertise in identifying, understanding, and exploiting complex security weaknesses relevant to national security and lawful collection missions.

Key Responsibilities

• Conduct advanced vulnerability research to identify, analyze, and exploit weaknesses in host, mobile, web, and network-based systems.
• Perform hands-on testing using black-box, white-box and grey-box methodologies to uncover previously unknown vulnerabilities.
• Develop proof-of-concept exploits and clearly document technical findings for operational, forensic, and analytic use cases.
• Apply reverse engineering, debugging, and binary analysis techniques to understand system behavior and root causes of vulnerabilities.
• Support the development and enhancement of technical capabilities addressing sophisticated threats from criminal and nation-state actors.
• Provide technical leadership and expert guidance on complex research efforts, contributing to project planning and execution.
• Communicate complex technical concepts and recommendations effectively to both technical and non-technical stakeholders.

Qualifications

Basic Qualifications

• Education / Experience:
• BS/BA with 2+ years of relevant experience or 6 years with no degree
• Advanced certifications, specialized training, or equivalent hands-on experience may be considered in lieu of years of experience.
• Experience with vulnerability research, exploitation development, or advanced security analysis
• Knowledge of exploitation techniques
• Experience in writing exploits in one or more of the following: C, C++, Python and Ruby
• Active TS/SCI security clearance is required ; ability to obtain a polygraph.

Desired Qualifications

• Experience with vulnerability discovery and exploitation beyond automated tools , including:
• Fuzzing techniques and exploit development
• Reverse engineering, debugging, and binary analysis
• Black-box, gray-box and white-box testing methodologies
• Web application vulnerability research
• Hardware and embedded systems security
• Experience with industry-standard tools and frameworks such as:
• IDA Pro, Ghidra
• x64DBG, WinDBG
• Wireshark, Scapy (Python)
• Burp Suite, OWASP frameworks
• Metasploit
• Understanding of computer science fundamentals, system internals, and network protocols.
• Analytical, problem-solving, and research skills with a passion for tackling complex technical challenges.
• Ability to contribute to complex technical efforts from inception through completion.
• Ability to consult with customers, define technical problems, analyze data, and recommend effective solutions.
• Experience providing technical guidance and detailed analysis in support of mission-critical challenges.

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at

Application Duration Statement: The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.