1

Salaried Exploit Development Jobs in Chicago, IL

Security Engineer

Chicago, IL · On-site

$145K - $195K/yr

... exploit development. Document findings, drive remediation, and measure mean-time-to-fix ... The base salary range for this role is $145,000 to $195,000 USD. The actual base salary offered ...

Develop high-quality technical reports detailing exploit chains and business logic flaws, providing ... Mentor junior team members and provide security training to development teams to foster a robust ...

Develop high-quality technical reports detailing exploit chains and business logic flaws, providing ... Mentor junior team members and provide security training to development teams to foster a robust ...

... exploit them. Our flagship platform, NodeZero™, delivers production-safe autonomous pentesting ... We offer competitive salary, equity and benefits. Our benefits include health, vision & dental ...

Research Technician

Chicago, IL · On-site

$50K - $70K/yr

Minimum requirements include knowledge and skills developed through Certifications: --- Preferred ... Salary FLSA Status Exempt Pay Range $50,000.00 - $70,000.00 The included pay rate or range ...

Salaried Exploit Development information

See Chicago, IL salary details

$9

$17

$25

How much do salaried exploit development jobs pay per hour?

As of Jul 18, 2026, the average hourly pay for salaried exploit development in Chicago, IL is $17.55, according to ZipRecruiter salary data. Most workers in this role earn between $14.86 and $19.81 per hour, depending on experience, location, and employer.

What are some typical challenges encountered by professionals in salaried exploit development roles?

Professionals in salaried exploit development roles often face challenges such as staying current with rapidly evolving security technologies and patch cycles. They must continuously research new vulnerabilities and develop creative solutions to bypass updated security mechanisms, which can be highly demanding. Collaborating closely with security analysts and other developers is essential to ensure responsible disclosure and risk management. Additionally, balancing project deadlines with the need for meticulous testing and documentation can be a significant challenge in this field.

What is the difference between Salaried Exploit Development vs Penetration Tester?

AspectSalaried Exploit DevelopmentPenetration Tester
CredentialsSecurity certifications, programming skillsSecurity certifications, testing experience
Work EnvironmentResearch labs, security firms, internal teamsClient sites, corporate environments, consulting firms
Industry UsageCybersecurity, offensive securityCybersecurity, vulnerability assessment

Salaried Exploit Developers focus on creating and testing exploits for security research or defensive purposes, often working in labs or R&D settings. Penetration Testers simulate attacks to identify vulnerabilities in client systems. While both roles require security knowledge and technical skills, Exploit Developers primarily develop exploits, whereas Penetration Testers perform assessments and reporting. Understanding these differences helps clarify career paths and employer expectations in cybersecurity.

What is a Salaried Exploit Developer?

A Salaried Exploit Developer is a cybersecurity professional who is employed by an organization to research, identify, and develop software exploits—ways to take advantage of vulnerabilities in computer systems or applications. Unlike freelance or independent security researchers, salaried exploit developers work as part of a security team, often within penetration testing firms, defense contractors, or tech companies. Their work can involve both offensive (discovering vulnerabilities to test defenses) and defensive (helping to patch or mitigate vulnerabilities) tasks. These roles require strong programming skills, a deep understanding of operating systems, and knowledge of security protocols. Salaried Exploit Developers may also be involved in responsible disclosure of vulnerabilities to affected vendors.

What are the key skills and qualifications needed to thrive as a Salaried Exploit Developer, and why are they important?

To thrive as a Salaried Exploit Developer, you need deep expertise in computer science, reverse engineering, vulnerability analysis, and low-level programming, often backed by a degree in computer science or related field. Familiarity with tools like IDA Pro, Ghidra, debuggers, and operating system internals is crucial, and certifications such as OSCP or OSCE can be advantageous. Creativity, persistence, and strong problem-solving abilities are standout soft skills in this role. These qualifications are essential for identifying, developing, and responsibly handling software exploits in a secure and ethical manner.
What are the most commonly searched types of Exploit Development jobs in Chicago, IL? The most popular types of Exploit Development jobs in Chicago, IL are:
What are popular job titles related to Salaried Exploit Development jobs in Chicago, IL? For Salaried Exploit Development jobs in Chicago, IL, the most frequently searched job titles are:
What job categories do people searching Salaried Exploit Development jobs in Chicago, IL look for? The top searched job categories for Salaried Exploit Development jobs in Chicago, IL are:

Security Engineer

Coinflow

Chicago, IL • On-site

$145K - $195K/yr

Full-time

Medical, Retirement

Re-posted 4 days ago


Job description

About Coinflow
Coinflow is the next-generation payment service provider revolutionizing global financial infrastructure with stablecoins, AI-driven fraud prevention, and instant settlement. Coinflow enables businesses to grow faster with instant settlement, fraud & chargeback indemnity, global pay-ins, multi-currency FX, and unified payouts. Founded in 2023, the company serves marketplaces, fintechs, remittance providers, gaming platforms, and ecommerce merchants worldwide.
Since our seed round in 2024, we've achieved 23x revenue growth and scaled to multi-billion-dollar annual transaction volume. In response to this growth, Coinflow announced a $25M Series A in October 2025-led by Pantera Capital, CMT Digital, Coinbase Ventures, Jump Crypto, and Reciprocal Ventures-accelerating our mission to power the world's fastest-moving businesses with innovative, reliable global payments.
Coinflow is proudly headquartered in Chicago, IL. Learn more at coinflow.cash.
About The Role
We're hiring for a Security Engineer to own the day-to-day defensive and offensive security posture of Coinflow. You'll build the SecOps backbone, hunt for weaknesses in our own stack before anyone else does, and partner with engineering to keep our SDLC fast and secure. This role reports to the CTO and has a direct line into every part of the engineering org.
You'll be hands-on with modern AI-native security tooling - we use Claude Security and Claude Code as force multipliers for internal pentesting, code review, and remediation. If you're excited about being one of the first security engineers building this way, you'll fit in well here.
What You'll Own
  • SIEM & SecOps Dashboard: Stand up and operate our SIEM. Build out the SecOps dashboard that gives engineering, compliance, and leadership a real-time picture of our security posture - alerts, anomalies, auth events, infrastructure changes, and audit-ready evidence in one place.
  • Internal Penetration Testing: Run continuous internal pentests against Coinflow services, APIs, infrastructure, and embedded SDKs. Use Claude Security and Claude Code to scale your coverage - automate reconnaissance, fuzzing, code review, and exploit development. Document findings, drive remediation, and measure mean-time-to-fix.
  • Vulnerability & Dependency Management: Own the vulnerability lifecycle end-to-end. Triage CVEs across our npm, cargo, and other ecosystems. Build the automation that keeps packages patched without breaking production - including Dependabot tuning, lockfile hygiene, and gated auto-merge for low-risk upgrades.
  • Secure Development Lifecycle: Monitor and improve how we ship code. Define secure-by-default patterns for new services, review threat models for high-risk changes, integrate SAST/DAST/secret scanning into CI, and make the secure path the fast path for engineers.
  • Compliance Partnership: Work alongside our compliance function to produce the evidence, controls, and monitoring artifacts that PCI DSS, SOC 2, ISO 27001, and DORA auditors need - without turning engineering into a paperwork shop.

What We're Looking For
  • 4+ years in a security engineering, product security, or DevSecOps role, ideally at a fintech, payments company, or other regulated environment
  • Strong hands-on offensive skills - you've broken real systems, not just run scanners. Comfortable with web app, API, cloud, and infrastructure pentesting
  • Production experience operating a SIEM (Datadog, Splunk, Elastic, Panther, or similar) and building dashboards that engineers actually use
  • Fluency in TypeScript/Node and at least passing comfort with Rust, Go, or Python - enough to read our code, find bugs in it, and write the tooling to find more
  • Experience with vulnerability management at scale: CVE triage, SCA tooling, dependency upgrade automation
  • Comfort working with AI-native tooling (Claude Code, Claude Security, or similar) as a daily driver - or genuine excitement to start
  • A bias toward shipping. We'd rather have a working v1 of a control today than a perfect v3 next quarter.

The base salary range for this role is $145,000 to $195,000 USD. The actual base salary offered depends on a variety of factors, including but not limited to experience, education, skills, qualifications and business needs.
In addition, the employee who fills this role will be eligible for an equity grant, allowing you to share in the long-term success of the company. You will also have access to a wide array of benefits, including health and wellness benefits, 401(k) savings plan, and flexible time off.
Join the team rewriting how money moves worldwide-and become a driving force in the $194 trillion cross-border payments market.