Vulnerability Researcher

Vulnerability Researcher

Location:On-Site (Annapolis Junction, MD)

Clearance Required:TS/SCI with Poly

Do you have a passion for uncovering hidden vulnerabilities and pushing the boundaries of cybersecurity research? Are you the kind of researcher who sees every system as a puzzle waiting to be solved? If so, BigBear.ai wants you on our team! We're seeking an elite Vulnerability Researcher that has an active TS/SCI with Poly clearance to join our cutting-edge team and deliver groundbreaking engineering and vulnerability research results that directly support national security missions. This is your chance to work on some of the most challenging and exciting research projects in the industry, discovering initial access capabilities and developing proof-of-concept exploits that make a real difference.

Why This Role Is Unique

This isn't your typical cybersecurity role. As a Vulnerability Researcher at BigBear.ai, you'll:

• Work on classified, mission-critical research that directly impacts national security.
• Collaborate with elite teams of engineers and researchers who are passionate about pushing the boundaries of technology.
• Have the freedom to explore and innovate, discovering previously unknown vulnerabilities across hardware, software, and operating systems.
• See your research make a real difference in protecting national security interests.

What You'll Do

In this role, you'll:

• Hunt for Vulnerabilities: Actively debug software, troubleshoot crashes, and analyze programmatic flow to uncover hidden security flaws in hardware components, software applications, and operating systems.
• Analyze Source Code: Perform in-depth source code analysis to discover software vulnerabilities and author detailed documentation on the impact and severity of each finding.
• Develop Proof-of-Concept Exploits: Create and demonstrate compelling proof-of-concept exploits against research targets, prototypes, and hands-on demonstrations of vulnerability analysis results.
• Present Your Findings: Author and deliver engaging technical presentations on assigned projects to stakeholders and leadership, showcasing the impact of your research.
• Drive Innovation: Push the boundaries of vulnerability research by discovering previously unknown vulnerabilities across multiple versions of similar technologies.

• Clearance: TS/SCI with Poly (required).
• Experience: 10+ years of technical experience and a B.S. in a technical discipline. (4 additional years may be substituted in lieu of a degree.)
• Programming Expertise: Minimum of 4 years of experience programming in Assembly, C, C#, C++, Perl, or Python in a production environment.
• Technical Background:
  • Minimum of 5 years of contiguous experience in computer science, information systems, or network engineering, OR
  • Bachelor's Degree in Computer Science or a related field plus a minimum of 3 years of contiguous experience.
• Reverse Engineering: Minimum of 4 years of demonstrated experience in hardware or software reverse engineering.
• Communication Skills: Demonstrated experience creating and delivering compelling technical presentations to diverse audiences.
• Education: Bachelor's Degree in Computer Science or a related field, OR minimum of 2 years of experience in computer science, information systems, or network engineering.

• Proven Track Record: Demonstrated ability to discover multiple previously unknown vulnerabilities across multiple versions of similar technologies - the more obscure, the better!
• Innovative Mindset: A relentless passion for pushing the boundaries of vulnerability research and developing creative solutions to the most complex challenges.
• Collaborative Spirit: A desire to share knowledge and collaborate with a team of like-minded researchers who are equally passionate about cybersecurity.

BigBear.ai is a leading provider of AI-powered decision intelligence solutions for national security, supply chain management, and digital identity. Customers and partners rely on Bigbear.ai's predictive analytics capabilities in highly complex, distributed, mission-based operating environments. Headquartered in McLean, Virginia, BigBear.ai is a public company traded on the NYSE under the symbol BBAI. For more information, visit https://bigbear.ai/ and follow BigBear.ai on LinkedIn: @BigBear.ai and X: @BigBearai.

BigBear.ai is an Equal opportunity employer all protected groups, including protected veterans and individuals with disabilities.