Vulnerability Researcher - TS​/SCI FS-Poly Security Clearance

Position: Vulnerability Researcher 1 - [$236k/yr] TS/SCI FS-Poly with Security Clearance
Location: Annapolis Junction

Candidates must already possess an active Top Secret/SCI w. Full Scope Polygraph to be considered for this position.

Summary:

● Conduct reverse engineering analysis on software and hardware components.
● Identify and exploit vulnerabilities in systems.
● Develop tools and techniques to enhance reverse engineering capabilities.
● Vulnerability Researcher 1 requires having found at least one significant 0-day in the last year.

Qualifications:

● Experience programming in Assembly, C, C#, C++, Perl, or Python with an understanding of system interactions with these libraries vs. production-style environments.
● Use of Unix/Windows system APIs.
● Understanding of virtual function tables in C++.
● Heap allocation strategies and protections.
● Experience with very large software projects.
● Kernel programming experience (WDK / Unix||Linux) is a significant plus.
● Hardware/software reverse engineering experience, including the use of tools (e.g., IDA Pro, Ghidra, Binary Ninja) to identify abstract concepts about the code flow of an application.
● For hardware reverse engineering, candidates expected to have performed analysis of embedded devices, focusing primarily on identifying the software stack and points of entry to the hardware (e.g., not interested in FPGA reverse engineering, or other circuit reverse engineering).
● Candidates who can merge low-level knowledge about compilation of C/C++ code with a nuanced understanding of system design to identify and exploit common vulnerability patterns. Candidates should be comfortable with, at a minimum, user-mode stack-based buffer overflows, and heap-based exploitation strategies.

Job Description:

● Conduct in-depth analysis of software and hardware components to identify vulnerabilities and potential security risks.
● Develop and implement reverse engineering techniques to gain a deep understanding of system behavior.
● Identify and exploit common vulnerability patterns, such as buffer overflows and heap-based vulnerabilities.
● Create tools and scripts to automate reverse engineering tasks and improve efficiency.
● Collaborate with other security professionals to share knowledge and expertise.
● Stay updated on the latest security trends and techniques. About SYSTOLIC: SYSTOLIC is dedicated to giving our employees the best possible company experience so that they can focus on providing outstanding support to their customer’s mission. Our company is founded on integrity, enthusiasm, and a relentless commitment to supporting the Intelligence Community. You can learn more about us and submit an application to be considered against our current and future openings at  To learn about our compensation ranges, visit our Pay Transparency page at: