1

Salaried Exploit Development Jobs in Virginia (NOW HIRING)

... exploit development. WHAT YOU'LL NEED TO SUCCEED: * Required Experience: 5+ years of related ... Rather, salary will be set based on experience, geographic location and possibly contractual ...

Software Reverse Engineer

Arlington, VA · On-site

$112K - $154K/yr

Performing vulnerability weaponization, exploit development, payload development, and exploit ... Information Full-Time Salary Range: $112,000 - $154,000 The salary range listed is based on ...

Exploring novel techniques for automating reverse engineering and exploit development * Creating ... Salary Range: $112,200.00 - $196,400.00 We value our employees and want our employees to take care ...

Performing vulnerability weaponization, exploit development, payload development, and exploit ... Information Full-Time Salary Range: $112,000 - $154,000 The salary range listed is based on ...

Performing vulnerability weaponization, exploit development, payload development, and exploit ... Information Full-Time Salary Range: $134,000 - $184,000 The salary range listed is based on ...

Performing vulnerability weaponization, exploit development, payload development, and exploit ... Information Full-Time Salary Range: $204,000 - $284,000 The salary range listed is based on ...

Senior Reverse Engineer

Arlington, VA · On-site

$134K - $184K/yr

Performing vulnerability weaponization, exploit development, payload development, and exploit ... Information Full-Time Salary Range: $134,000 - $184,000 The salary range listed is based on ...

next page

Showing results 1-20

Salaried Exploit Development information

What are some typical challenges encountered by professionals in salaried exploit development roles?

Professionals in salaried exploit development roles often face challenges such as staying current with rapidly evolving security technologies and patch cycles. They must continuously research new vulnerabilities and develop creative solutions to bypass updated security mechanisms, which can be highly demanding. Collaborating closely with security analysts and other developers is essential to ensure responsible disclosure and risk management. Additionally, balancing project deadlines with the need for meticulous testing and documentation can be a significant challenge in this field.

What is the difference between Salaried Exploit Development vs Penetration Tester?

AspectSalaried Exploit DevelopmentPenetration Tester
CredentialsSecurity certifications, programming skillsSecurity certifications, testing experience
Work EnvironmentResearch labs, security firms, internal teamsClient sites, corporate environments, consulting firms
Industry UsageCybersecurity, offensive securityCybersecurity, vulnerability assessment

Salaried Exploit Developers focus on creating and testing exploits for security research or defensive purposes, often working in labs or R&D settings. Penetration Testers simulate attacks to identify vulnerabilities in client systems. While both roles require security knowledge and technical skills, Exploit Developers primarily develop exploits, whereas Penetration Testers perform assessments and reporting. Understanding these differences helps clarify career paths and employer expectations in cybersecurity.

What is a Salaried Exploit Developer?

A Salaried Exploit Developer is a cybersecurity professional who is employed by an organization to research, identify, and develop software exploits—ways to take advantage of vulnerabilities in computer systems or applications. Unlike freelance or independent security researchers, salaried exploit developers work as part of a security team, often within penetration testing firms, defense contractors, or tech companies. Their work can involve both offensive (discovering vulnerabilities to test defenses) and defensive (helping to patch or mitigate vulnerabilities) tasks. These roles require strong programming skills, a deep understanding of operating systems, and knowledge of security protocols. Salaried Exploit Developers may also be involved in responsible disclosure of vulnerabilities to affected vendors.

What are the key skills and qualifications needed to thrive as a Salaried Exploit Developer, and why are they important?

To thrive as a Salaried Exploit Developer, you need deep expertise in computer science, reverse engineering, vulnerability analysis, and low-level programming, often backed by a degree in computer science or related field. Familiarity with tools like IDA Pro, Ghidra, debuggers, and operating system internals is crucial, and certifications such as OSCP or OSCE can be advantageous. Creativity, persistence, and strong problem-solving abilities are standout soft skills in this role. These qualifications are essential for identifying, developing, and responsibly handling software exploits in a secure and ethical manner.
What are the most commonly searched types of Exploit Development jobs in Virginia? The most popular types of Exploit Development jobs in Virginia are:
What job categories do people searching Salaried Exploit Development jobs in Virginia look for? The top searched job categories for Salaried Exploit Development jobs in Virginia are:
What cities in Virginia are hiring for Salaried Exploit Development jobs? Cities in Virginia with the most Salaried Exploit Development job openings:

Experienced Vulnerability Researcher

Breakpoint Research

Falls Church, VA • On-site, Remote

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 12 days ago


Job description

Breakpoint Research builds novel, mission-critical offensive cyber capabilities, to strengthen and advance democracy. We're hiring experienced vulnerability researchers to join our team, alongside some of the best in the industry.

What you’ll be doing
  • Vulnerability research across mobile, operating systems, firmware, and embedded systems.

  • Reliable exploit development that demonstrates real mission impact.

  • Low-level engineering for the hardest customer problems.

How we work

VRED is a tough game. We are relentlessly curious, unafraid to try new things, and we own our failures alongside our wins. We act with honesty, integrity, humility and kindness. The capabilities we've built came from a culture of deep collaboration, and we work hard to keep it that way.

About you

We're especially keen to hear from researchers who've taken work through to deployable products or capabilities, but it's not a requirement. You're comfortable working low-level (kernels, firmware, embedded systems, or similar), with strong reverse engineering skills alongside a fluent toolkit: C/C++, assembly (i.e. ARM/AArch64), fuzzing, static and dynamic analysis, exploit primitive development, modern mitigation bypass.

You take pride in the quality of your work and push yourself and others to make it better. You approach VR as a team sport — sharing what you know, asking when you don't, and picking teammates up when they get knocked down.

Much of the best work in this field can't be talked about publicly, and a track record without public artefacts is no obstacle for us. We are also open to candidates with non-traditional backgrounds.

Nice to have
  • Experience leading technical projects or mentoring researchers.

  • Depth in platforms relevant to our work: mobile (Android/iOS), browsers, hypervisors, embedded RTOS, kernel internals.

  • Public research, CVEs, or conference talks.

Where you'll work

Remote, globally. We consider applicants from any country and any background. The team works in English, so you'll need to be fluent. We have a particular interest in UK-based candidates; holding or being eligible for Developed Vetting is a positive but not a requirement.

What we offer

Salaries are benchmarked for each local market we hire from — whether UK, US, Australia, or elsewhere. Come to us with your expectations. On top of that:

  • 25 days annual leave plus your local public, bank, or federal holidays. We expect everyone to take it.

  • Bonus scheme — when the business does well, everyone shares in it.

  • Training and conference budgets — go to the cons that matter, wherever they're happening.

  • Employee assistance program giving you and your immediate family confidential access to counselling, mental health support, and financial and legal advice.

  • Regular get-togethers — seasonal parties, technical workshops, and an annual offsite that brings the whole team into one place.

Plus, depending on where you're based:

UK

  • Annual leave rises by 1 day per year up to 28 days

  • 6% matched pension

  • Private medical insurance

  • 4x death in service

  • Cycle-to-work scheme

USA

  • Matched 401(k) up to 4%

  • Healthcare, dental, and vision cover

Australia

  • Minimum 12% superannuation

For candidates elsewhere in the world, we'll put together a package matched to your local market.

Breakpoint Research is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

We aim to respond to all candidates via email within a week of their application. Please note that emails may go to your spam or junk folder.