1

Exploit Development Jobs (NOW HIRING)

Design agentic workflows for reconnaissance, static analysis, dynamic testing, exploit development, patch validation, and reporting. * Perform static analysis to identify vulnerable patterns ...

Responsibilities * Lead and manage task order personnel conducting vulnerability and exploit development for mobile platforms. * Perform detailed analysis, assessment, and deployment of ...

The work involves Vulnerability Research, Exploit Development, CNO tool development and enhancement, and infrastructure support (DevOps). This is some of the most impactful work in the Intelligence ...

next page

Showing results 1-20

Exploit Development information

See salary details

$18

$37

$76

How much do exploit development jobs pay per hour?

As of Jul 14, 2026, the average hourly pay for exploit development in the United States is $37.60, according to ZipRecruiter salary data. Most workers in this role earn between $25.96 and $54.33 per hour, depending on experience, location, and employer.

What jobs can you get with offsec certs?

With Offensive Security (Offsec) certifications such as OSCP or OSCE, you can pursue roles like penetration tester, security analyst, or vulnerability researcher. These certifications demonstrate practical skills in ethical hacking, penetration testing, and security assessment, which are highly valued in cybersecurity teams and consulting firms.

What jobs can I get as a game developer?

As a game developer, you can pursue roles such as software engineer, gameplay programmer, graphics programmer, or tools developer. These positions typically require skills in programming languages like C++ or C#, familiarity with game engines such as Unity or Unreal, and knowledge of game design principles. Opportunities exist in both independent studios and large gaming companies, often involving collaborative development environments and project deadlines.

What is an Exploit Development job?

An Exploit Development job involves researching software, hardware, or network vulnerabilities and creating proof-of-concept exploits to demonstrate security weaknesses. Professionals in this role analyze security flaws, write exploits, and sometimes assist in patch development. They often work in cybersecurity firms, government agencies, or red teams conducting penetration testing. Strong knowledge of low-level programming, reverse engineering, and debugging tools is essential.

What are the key skills and qualifications needed to thrive in the Exploit Development position, and why are they important?

To thrive in Exploit Development, you need advanced knowledge of computer systems, programming languages (such as C, C++, Python, or Assembly), and a deep understanding of cybersecurity principles, often supported by a degree in computer science or related field. Familiarity with reverse engineering tools (like IDA Pro, Ghidra, or OllyDbg), debuggers, and certifications such as OSCE or OSEP are commonly required. Strong problem-solving skills, attention to detail, and the ability to communicate complex technical findings clearly are valuable soft skills in this role. These skills and qualities are essential to responsibly discover and analyze security vulnerabilities, develop proof-of-concept exploits, and contribute to organizational or client security enhancements.

What does an exploitation analyst do?

An exploitation analyst identifies and develops security vulnerabilities in software and systems to assess their security posture. They use tools like vulnerability scanners and exploit frameworks, often working in cybersecurity or penetration testing environments, to simulate attacks and improve defenses. Strong knowledge of programming, networking, and security protocols is essential for this role.

What is exploit development?

Exploit development is the process of creating code or techniques to identify and leverage vulnerabilities in software or hardware systems. Professionals in this field analyze security flaws, often using programming skills and tools like debugging and reverse engineering, to develop exploits that can test or demonstrate system weaknesses. It is a specialized area within cybersecurity that requires knowledge of operating systems, networking, and security protocols.

What are some of the primary challenges encountered in an Exploit Development role?

Exploit Development professionals often face the challenge of staying ahead of rapidly evolving security defenses and continuously learning new attack techniques and mitigation strategies. The work can require intense focus and patience, as reverse engineering and identifying vulnerabilities in complex systems may take considerable time and persistence. Additionally, strict adherence to ethical guidelines and clear communication with cross-functional security and engineering teams is critical for responsibly handling discovered vulnerabilities. Diligence, adaptability, and ongoing professional development are key to navigating the technical and ethical complexities of this role.

More about Exploit Development jobs
What cities are hiring for Exploit Development jobs? Cities with the most Exploit Development job openings:
What are the most commonly searched types of Exploit Development jobs? The most popular types of Exploit Development jobs are:
What states have the most Exploit Development jobs? States with the most job openings for Exploit Development jobs include:
Infographic showing various Exploit Development job openings in the United States as of July 2026, with employment types broken down into 1% As Needed, 83% Full Time, 14% Part Time, and 2% Contract. Highlights an 92% Physical, 2% Hybrid, and 6% Remote job distribution, with an average salary of $78,216 per year, or $37.6 per hour.
Senior Red Team Engineer / Hybrid / Scottsdale

Senior Red Team Engineer / Hybrid / Scottsdale

Motion Recruitment

Scottsdale, AZ • On-site

$105K - $145K/yr

Full-time

Re-posted 10 days ago


Job description

About the Role:
We’re hiring a Senior Red Team Engineer to join a trusted payments technology company that powers and protects major financial products used by millions of consumers. This is a hybrid role based in Scottsdale, focused on offensive security, adversary emulation, purple team testing, cloud/web/network campaigns, and real-world attack simulation.

Why This Role Rocks:
This is a high-impact offensive security role where you’ll be identifying emerging threats, building proof-of-concept attacks, testing enterprise defenses, and helping security teams understand real-world blast radius. You’ll work across red team campaigns, purple team exercises, exploit development, cloud security, detection evasion, and threat replication in a highly regulated financial technology environment.

Required Skills & Experience:

  • 6+ years of information security experience
  • 2+ years of hands-on offensive security experience
  • Red team campaign and adversary emulation experience
  • Experience with network, cloud, and web application security testing
  • Ability to develop exploits and execute attacks at scale
  • Strong scripting experience with Python, PowerShell, and/or Go
  • Knowledge of threat modeling, cloud security, cryptography, authentication, authorization, and defensive detection techniques
  • Experience writing reports and presenting findings to technical and non-technical stakeholders
  • Strong understanding of vulnerability impact, blast radius, and real-world exploitability
  • Bachelor’s degree in a relevant field or equivalent professional experience

Desired Skills & Experience:

  • Experience with adversary emulation toolsets
  • Ability to take a single vulnerability and assess organization-wide impact
  • MITRE ATT&CK, MITRE CAPEC, and Cyber Kill Chain experience
  • Mobile application security testing experience
  • Offensive security certifications such as OSCP, ePTX, GPEN, HTB CPTS, or similar
  • Cloud security certifications such as AWS SAA, AWS SAP, AWS Security Specialty, or equivalent

What You Will Be Doing:

Tech Breakdown:

  • 30% Red team campaigns and adversary emulation
  • 20% Purple team exercises and control efficacy testing
  • 15% Cloud, web, and network security testing
  • 15% Exploit development, scripting, and automation
  • 10% Vulnerability impact and blast-radius analysis
  • 10% Reporting, remediation guidance, and security team collaboration

Daily Responsibilities:

  • 50% Hands-on offensive security testing, attack simulation, and vulnerability validation
  • 25% Building scripts, tools, proof-of-concepts, and automation to support engagements
  • 15% Partnering with internal security, incident response, and threat intelligence teams
  • 10% Reporting findings, documenting risk, and presenting remediation recommendations