Two Six Technologies
Principal Vulnerability Researcher
Two Six Technologies, Laurel, Maryland, United States, 20724
Overview
Join the Exploitation Sector of Two Six Technologies— a team of dedicated hackers in Northern Virginia—where you’ll provide strategic technical leadership in vulnerability research across hardware, software, and operational domains. Working alongside engineers, researchers, and clients, you’ll identify vulnerabilities, assess operational impacts, and develop effective countermeasures. Our fast-growing roster of government customers relies on us to deliver advanced security solutions, and we’re looking for a Principal Vulnerability Researcher to drive research programs and mentor technical teams. This role requires regular on-site support at the Laurel, Maryland customer site. What you will do
Lead the identification of vulnerabilities and attacks across hardware, software, personnel, logistics, procedures, and physical security, linking them to operational and mission impacts. Identify vulnerabilities and potential attacks across hardware, software, procedures, logistics, and physical security of systems. Develop proof of concept (PoC) code for identified vulnerabilities. Reverse-engineer targeted embedded systems to identify vulnerabilities. Review source code looking for risks and vulnerabilities. Analyze the effects of vulnerabilities on mission outcomes and operational effectiveness. Compare system attack techniques and propose operationally effective countermeasures. Produce reports, briefings, and perspectives on actual and potential attacks. Provide technical leadership on research efforts, prioritizing investigations, reviewing methodologies, and overseeing proof-of-concepts. Mentor and guide junior engineers and researchers, reviewing technical approaches and fostering skill development. What you will need (Basic Qualifications)
Doctorate in Computer Science, Computer/Electrical Engineering, or a related field and 7 years of relevant experience, OR Master’s degree and 9 years of relevant experience, OR Bachelor’s degree and 11 years of relevant experience, OR Associate’s degree and 13 years of relevant experience. Relevant experience: computer/information systems design/development, programming, information/cyber/network security, reverse-engineering, vulnerability analysis, penetration testing, computer forensics, information assurance, or systems engineering. Proficiency in C/C++, Python, and at least one ISA (e.g. x86/ARM/MIPS). Proficiency in Linux command-line environments. Experience using a decompiler such as IDA Pro, Binary Ninja, or Ghidra. Experience using vulnerability research tools such as emulators or fuzzers. Experience using a software debugger such as GDB or WinDbg. Ability to work on-site at Laurel, Maryland customer site regularly. Nice If You Have (Preferred)
Experience translating vulnerabilities into operationally relevant impact assessments and countermeasures. Experience producing technical briefings for operational stakeholders. Experience using a hardware debugger. Experience with UART, SPI, I2C. Experience with common secure communications such as TLS or SSH. Familiarity with embedded firmware, RTOS, or networked systems. Familiarity with high-side environments. Security Clearance
Active TS/SCI clearance with Polygraph required Compensation and Benefits
Two Six Technologies is committed to providing competitive and comprehensive compensation packages that reflect the value we place on our employees and their contributions. We offer medical, dental, and vision insurance, life and disability insurance, retirement benefits, paid leave, tuition assistance, and professional development. The projected salary range listed for this position is annualized. This is a general guideline and not a guarantee of salary. Salary is one component of our total compensation package and the specific salary offered is determined by various factors, including education, experience, knowledge, skills, geographic location, contract-specific affordability, and organizational requirements. How to Apply
Ready to make the first move towards growing your career? Check out the Two Six Technologies Candidate Journey for step-by-step directions on applying, what to expect during the application process, information about benefits and perks, and frequently asked questions. For questions, you can reach us at Contact Two Six Technologies. We are happy to connect and provide information to help you reach your next career milestone. Equal Opportunity and Accessibility
Two Six Technologies is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, disability, genetic information, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. If you are an individual with a disability and would like to request reasonable workplace accommodation for any part of our employment process, please email accommodations@twosixtech.com. Information provided will be kept confidential and used only to provide needed reasonable accommodations. Additionally, this business uses E-Verify in its hiring practices. Apply for this job #J-18808-Ljbffr
Join the Exploitation Sector of Two Six Technologies— a team of dedicated hackers in Northern Virginia—where you’ll provide strategic technical leadership in vulnerability research across hardware, software, and operational domains. Working alongside engineers, researchers, and clients, you’ll identify vulnerabilities, assess operational impacts, and develop effective countermeasures. Our fast-growing roster of government customers relies on us to deliver advanced security solutions, and we’re looking for a Principal Vulnerability Researcher to drive research programs and mentor technical teams. This role requires regular on-site support at the Laurel, Maryland customer site. What you will do
Lead the identification of vulnerabilities and attacks across hardware, software, personnel, logistics, procedures, and physical security, linking them to operational and mission impacts. Identify vulnerabilities and potential attacks across hardware, software, procedures, logistics, and physical security of systems. Develop proof of concept (PoC) code for identified vulnerabilities. Reverse-engineer targeted embedded systems to identify vulnerabilities. Review source code looking for risks and vulnerabilities. Analyze the effects of vulnerabilities on mission outcomes and operational effectiveness. Compare system attack techniques and propose operationally effective countermeasures. Produce reports, briefings, and perspectives on actual and potential attacks. Provide technical leadership on research efforts, prioritizing investigations, reviewing methodologies, and overseeing proof-of-concepts. Mentor and guide junior engineers and researchers, reviewing technical approaches and fostering skill development. What you will need (Basic Qualifications)
Doctorate in Computer Science, Computer/Electrical Engineering, or a related field and 7 years of relevant experience, OR Master’s degree and 9 years of relevant experience, OR Bachelor’s degree and 11 years of relevant experience, OR Associate’s degree and 13 years of relevant experience. Relevant experience: computer/information systems design/development, programming, information/cyber/network security, reverse-engineering, vulnerability analysis, penetration testing, computer forensics, information assurance, or systems engineering. Proficiency in C/C++, Python, and at least one ISA (e.g. x86/ARM/MIPS). Proficiency in Linux command-line environments. Experience using a decompiler such as IDA Pro, Binary Ninja, or Ghidra. Experience using vulnerability research tools such as emulators or fuzzers. Experience using a software debugger such as GDB or WinDbg. Ability to work on-site at Laurel, Maryland customer site regularly. Nice If You Have (Preferred)
Experience translating vulnerabilities into operationally relevant impact assessments and countermeasures. Experience producing technical briefings for operational stakeholders. Experience using a hardware debugger. Experience with UART, SPI, I2C. Experience with common secure communications such as TLS or SSH. Familiarity with embedded firmware, RTOS, or networked systems. Familiarity with high-side environments. Security Clearance
Active TS/SCI clearance with Polygraph required Compensation and Benefits
Two Six Technologies is committed to providing competitive and comprehensive compensation packages that reflect the value we place on our employees and their contributions. We offer medical, dental, and vision insurance, life and disability insurance, retirement benefits, paid leave, tuition assistance, and professional development. The projected salary range listed for this position is annualized. This is a general guideline and not a guarantee of salary. Salary is one component of our total compensation package and the specific salary offered is determined by various factors, including education, experience, knowledge, skills, geographic location, contract-specific affordability, and organizational requirements. How to Apply
Ready to make the first move towards growing your career? Check out the Two Six Technologies Candidate Journey for step-by-step directions on applying, what to expect during the application process, information about benefits and perks, and frequently asked questions. For questions, you can reach us at Contact Two Six Technologies. We are happy to connect and provide information to help you reach your next career milestone. Equal Opportunity and Accessibility
Two Six Technologies is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, disability, genetic information, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. If you are an individual with a disability and would like to request reasonable workplace accommodation for any part of our employment process, please email accommodations@twosixtech.com. Information provided will be kept confidential and used only to provide needed reasonable accommodations. Additionally, this business uses E-Verify in its hiring practices. Apply for this job #J-18808-Ljbffr