Senior Vulnerability Researcher

At Two Six Technologies, we build, deploy, and implement innovative products that solve the world’s most complex challenges today. Through unrivaled collaboration and unwavering trust, we push the boundaries of what’s possible to empower our team and support our customers in building a safer global future.

Overview of Opportunity

Join the Exploitation Sector of Two Six Technologies
—a team of dedicated hackers in Northern Virginia and Maryland—where you’ll immerse yourself in reverse engineering and vulnerability research on a wide range of embedded systems, software, and operational processes. Working alongside reverse engineers and security researchers, you’ll identify vulnerabilities, analyze attack vectors, and assess operational impacts on some of the most critical systems for our customers. Our fast-growing roster of government customers relies on us to deliver advanced security solutions, and we’re looking for a Senior Vulnerability Researcher to help us continue pushing boundaries.

If you’re passionate about vulnerability research that can make a tangible impact on national security, we want you on our team.

This role requires regular on-site support at the Laurel, Maryland customer site.

What you will do:

• Identify vulnerabilities and potential attacks across hardware, software, procedures, logistics, and physical security of systems
• Develop proof of concept (PoC) code for identified vulnerabilities
• Reverse-engineer targeted embedded systems to identify vulnerabilities
• Review source code looking for risks and vulnerabilities
• Analyze the effects of vulnerabilities on mission outcomes and operational effectiveness.
• Compare system attack techniques and propose operationally effective countermeasures
• Produce reports, briefings, and perspectives on actual and potential attacks
• Mentor junior engineers and analysts, reviewing technical approaches and guiding research methodology.

What you will need (Basic Qualifications):

• Bachelor’s degree and 5 years of relevant experience, OR Associate’s degree and 7 years of relevant experience.
• Relevant experience: computer/information systems design/development, programming, information/cyber/network security, reverse-engineering, vulnerability analysis, penetration testing, computer forensics, information assurance, or systems engineering
• Proficiency in C/C++, Python, and at least one ISA (e.g. x86/ARM/MIPS)
• Proficiency in Linux command-line environments
• Experience using a decompiler such as IDA Pro, Binary Ninja, or Ghidra
• Experience using vulnerability research tools such as emulators or fuzzers
• Experience using a software debugger such as GDB or Win Dbg
• Ability to work on-site at the Laurel, Maryland customer site regularly.

Nice If You Have (Preferred):

• Experience producing technical briefings for operational stakeholders
• Experience using a hardware debugger
• Experience with UART, SPI, I2C
• Experience with common secure communications such as TLS or SSH
• Familiarity with embedded firmware, RTOS, or networked systems
• Familiarity with high-side environments

Security Clearance:

• Active TS/SCI clearance with Polygraph required

Two Six Technologies is committed to providing competitive and comprehensive compensation packages that reflect the value we place on our employees and their contributions. We believe in rewarding skills, experience, and performance. Our offerings include but are not limited to, medical, dental, and vision insurance, life and disability insurance, retirement benefits, paid leave, tuition assistance and professional development.

Two Six Technologies is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, disability, genetic information, and protected veteran status or any other characteristic protected by applicable federal, state, or local law.