Security Research Engineer

The application window is expected to close on: 06/05/2026

Job posting may be removed earlier if the position is filled or if a sufficient number of applications are received.

This is a fully remote role based in the United States.

As a member of Talos, you will support cutting edge detection and mitigation technologies. You will work towards keeping yourself abreast of the latest industry threat creation and defense techniques, and you will develop proof‑of‑concept solutions, provide domain expertise and guide implementation to facilitate successful security posture in Cisco’s products.

If you enjoy vulnerability research, crash analysis, reverse engineering, and researching new techniques and writing tools to automate these tasks, this job is for you!

• Security research including development of tools for vulnerability analysis and mitigation.
• Development of static and run‑time analysis tools to figure out root cause and input conditions related to a vulnerability.
• Vulnerability triage and proof of concept exploit development to support the creation of detection content.
• Write detailed technical reports, summaries, and testing methodologies.
• Research emerging technologies, protocols, and testing methodologies.
• Develop proof of concept exploits for testing vulnerability mitigations.
• Perform patch analysis to find and trigger vulnerabilities.
• Reverse engineer binary applications, protocols, and formats.
• Analyze vulnerabilities and emerging security threats and technologies.
• Provide critical security focused expertise to engineering organizations.

• 3+ years of experience in vulnerability research or a closely related area such as exploit or mitigation development on Linux Systems.
• 3+ years’ experience with C/C++, and a scripting language (e.g., Python), and assembly (e.g., x86/x64, ARM, etc.).

• Bachelor’s degree or equivalent in Computer Science, Electrical Engineering, Cyber Security, or other tech‑related degree.
• Experience with Linux internals.
• Experience with binary auditing and reverse engineering, and with related tools such as IDA Pro, Binary Ninja, Ghidra, etc. and with plugin development.
• Experience with common vulnerabilities and methods of exploitation, such as memory corruption, web application exploitation, file format vulnerabilities, protocol‑based weaknesses, etc.
• Knowledge of common file format structures, network protocol structures, and enterprise networking architecture.
• Ability to work independently with minimum supervision and to tackle additional tasks as the need arises.

Starting salary range posted for this position is $ to $ and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation, equity, or benefits. Individual pay is determined by the candidate's hiring location, market conditions, job‑related skillset, experience, qualifications, education, certifications, and/or training.

U.S. employees are offered benefits, subject to Cisco’s plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long‑term disability coverage, and basic life insurance. Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time.

U.S. employees are eligible for paid time away as described below, subject to Cisco’s policies.

• 10 paid holidays per full calendar year, plus 1 floating holiday for non‑exempt employees.
• 1 paid day off for employee’s birthday, paid year‑end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco.
• Non‑exempt employees receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full‑time employees.
• Exempt employees participate in Cisco’s flexible vacation time off program, which has no defined limit on how much vacation eligible employees may use (subject to availability and some business limitations).
• 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next.
• Additional paid time away may be requested to deal with critical or emergency issues for family members.
• Optional 10 paid days per full calendar year to volunteer.

The applicable full salary ranges for this position, by specific state, are listed below:

New York City Metro Area: $ - $

Non‑Metro New York state & Washington state: $ - $

For quota‑based sales roles on Cisco’s sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined.

Employees in Illinois, whether exempt or non‑exempt, will participate in a unique time off program to meet local requirements.