ZipRecruiter

Log In

1

Vulnerability Research Jobs (NOW HIRING)

KBR, Inc.

Senior Vulnerability Researcher

Beavercreek, OH · On-site

$142K - $213K/yr

This role owns end-to-end vulnerability research: building emulation-backed test environments, designing fuzzing and analysis workflows, performing crash triage and root-cause analysis, and ...

i3

Vulnerability Research Engineer

Washington, DC · On-site

$115K - $181K/yr

Overview i3 is seeking a Vulnerability Research Engineer to support the Naval Research Laboratory's Tactical Electronic Warfare Division. You will reverse engineer and analyze software and build ...

next page

Showing results 1-20

All JobsVulnerability Research Jobs

Vulnerability Research information

See salary details

$37K

$106K

$142.5K

How much do vulnerability research jobs pay per year?

As of Jun 19, 2026, the average yearly pay for vulnerability research in the United States is $106,012.00, according to ZipRecruiter salary data. Most workers in this role earn between $104,000.00 and $104,000.00 per year, depending on experience, location, and employer.

What is a Vulnerability Research job?

A Vulnerability Research job involves identifying, analyzing, and reporting security weaknesses in software, hardware, or networks. Researchers use reverse engineering, fuzz testing, and other techniques to discover exploitable flaws before malicious actors can exploit them. Their findings help improve security by enabling developers and organizations to patch vulnerabilities and strengthen defenses. This role requires a deep understanding of cybersecurity, programming, and exploit development.

What are the key skills and qualifications needed to thrive in the Vulnerability Research position, and why are they important?

To thrive in Vulnerability Research, you need a strong background in cybersecurity principles, programming, reverse engineering, and deep knowledge of common operating systems and network protocols, often supported by a relevant degree in computer science or similar fields. Familiarity with tools such as IDA Pro, Ghidra, Wireshark, Metasploit, and certifications like OSCP or CEH is highly valuable. Analytical thinking, persistence, attention to detail, and effective written communication are critical soft skills in this field. These capabilities ensure you can effectively discover, analyze, and document security vulnerabilities, contributing to safer software and systems.

What are some common challenges faced in a Vulnerability Research role?

One of the main challenges in Vulnerability Research is keeping up with constantly evolving threat landscapes and security technologies, which requires continuous learning and adaptability. Researchers often encounter complex and undocumented systems, making analysis and exploitation both technically demanding and time-consuming. You may collaborate closely with other cybersecurity professionals, developers, and incident response teams to verify findings, replicate vulnerabilities, and share remediation strategies. Successfully navigating these challenges is rewarding and allows you to make a tangible impact on organizational security.

More about Vulnerability Research jobs
What cities are hiring for Vulnerability Research jobs? Cities with the most Vulnerability Research job openings:
What are the most commonly searched types of Vulnerability Research jobs? The most popular types of Vulnerability Research jobs are:
What states have the most Vulnerability Research jobs? States with the most job openings for Vulnerability Research jobs include:
What job categories do people searching Vulnerability Research jobs look for? The top searched job categories for Vulnerability Research jobs are:
Vulnerability Research jobs near you
Infographic showing various Vulnerability Research job openings in the United States as of June 2026, with employment types broken down into 1% As Needed, 98% Full Time, and 1% Contract. Highlights an 80% Physical, 6% Hybrid, and 14% Remote job distribution, with an average salary of $106,012 per year, or $51 per hour.
DoW SkillBridge Vulnerability Researcher (Cyber199)

DoW SkillBridge Vulnerability Researcher (Cyber199)

Research Innovations

San Antonio, TX • On-site

Full-time

Medical, Retirement, PTO

Posted 27 days ago

Job description

Position Title: Skillbridge Security Researcher
Location: St. Petersburg, FL | Melbourne, FL | San Antonio, TX
Clearance Requirement: Top Secret/SCI
Research Innovations Inc. (RII) is redefining defense technology. We combine mission-driven impact with cutting-edge research and a culture that values autonomy, creativity, and technical excellence.
We are seeking security researchers to independently explore and exploit complex systems, from kernels to embedded platforms, to solve the unsolvable. This role combines deep technical problem-solving with real-world impact on defense and homeland security systems. This position is specifically for members of the DoW who are transitioning to civilian life and can take advantage of programs such as SkillBridge. Lets Get s#it done.
This position requires an Active US Top Secret security clearance
WHAT YOU WILL BE DOING
  • Conducting in-depth reverse engineering and vulnerability analysis across various architectures and platforms, including x86/64, ARM, PowerPC, and more
  • Researching and analyzing operating system and application internals, identifying and understanding security strengths and weaknesses of those systems
  • Developing and enhancing functionality by adding features and capabilities to undocumented interfaces
  • Modeling and analyzing in-memory compiled application behavior to identify potential vulnerabilities and improve security measures
  • Developing and understanding mobile/embedded systems and kernel modules, particularly related to vulnerability research
  • Participating actively in our extensive Vulnerability Research mentorship program, sharing knowledge and collaborating with colleagues

WHAT YOU HAVE DONE
  • Proficient understanding of wireless networking and associated security protocols, such as Wi-Fi (802.11), Bluetooth, or cellular networks (2G/3G/4G/5G). Familiarity with common vulnerabilities and attack vectors in wireless communication
  • Strong grasp of legacy exploit mitigations and bypass techniques, including but not limited to Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP/NX), Stack Cookies (Canaries), and Control Flow Integrity (CFI). Experience in identifying and circumventing these security measures
  • In-depth knowledge of both security and network fundamentals, such as cryptography, authentication, access control, and network protocols (TCP/IP, UDP, DNS, HTTP, etc.). Understanding the security implications and potential vulnerabilities associated with these concepts
  • Programming experience with both scripted languages (preferably Python3) and compiled languages (preferably C). Ability to write efficient and secure code for vulnerability research and exploit development purposes
  • Familiarity with low-level architectures such as x86, ARM, or MIPS. Understanding the underlying principles, instruction sets, and memory models of these architectures for vulnerability identification and analysis
  • Experience with operating system internals and implementations, including Windows, Linux, or macOS. Knowledge of system structures, process management, memory management, and security mechanisms at the kernel level
  • Excellent oral, written, and interpersonal communication skills, with the ability to effectively convey complex technical concepts and interact with customers and team members alike

EVEN BETTER
  • Experience with vulnerability research and reverse engineering of real-time operating systems (RTOS), such as FreeRTOS, QNX, or VxWorks. Understanding the unique security challenges and attack vectors specific to RTOS environments
  • Bachelor's or postgraduate degree in Computer Science, Computer Engineering, or a related field
  • Experience with software protection and binary armoring techniques, such as anti-debugging, code obfuscation, or tamper resistance. Understanding the methods employed to protect software from reverse engineering and vulnerability discovery
  • Proficiency in agile development methodologies, including Scrum or Kanban, for efficient collaboration and iterative development in a cybersecurity context
  • Familiarity with low-level iOS/Android development and associated security considerations, such as jailbreaking or rooting, application sandboxing, or secure interprocess communication (IPC)
  • Knowledge of hypervisors and their security implications, including virtualization-based security, guest escape vulnerabilities, or hypervisor-based rootkits
  • Proficiency in malware analysis, including static and dynamic analysis techniques, behavioral analysis, and code deobfuscation. Experience in identifying and analyzing malware samples to understand their capabilities and potential vulnerabilities
  • Experience with constraint solving techniques, such as symbolic execution, theorem proving, or model checking, for vulnerability identification, verification, and exploit generation
  • Background in machine learning, particularly in the context of vulnerability analysis and detection, such as using ML techniques to identify patterns in code or analyze network traffic for anomaly detection

We work to help your intellectual passions and creativity thrive. It's one of our core values: Let your geek flag fly.
We also offer all employees comprehensive benefits including: flexible work schedules, health insurance coverage, paid time off, 401k with a company match, paid parental leave, access to wellness programs and much more. You get this all from day one, and all paid for by RII.
It's all part of another of our core values: Stay human. It's why our comfortable and colorful offices such as our headquarters, include a community game room, pantry, massage chair, and an escape room, among other amenities. It's why we have community ambassadors and regular community events.
Research Innovations, Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity or expression, national origin, genetics, disability status, protected veteran status, age, or any other characteristic protected by state, federal or local law.
#LI-AC1
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Apply