Motion Recruitment Partners LLC
Cleared Principal Security Reverse Engineer
Motion Recruitment Partners LLC, Arlington, Virginia, United States, 22201
If you're looking for the impact, this is the role for you. An early stage, founder‑led boutique cybersecurity firm focused on CNO development and offensive cyber is looking for a
Principal Reverse Engineer / Vulnerability Researcher . You will not be 1 of a 500‑person program; you will work directly with the co‑founders, shape tooling and tradecraft, and see the real‑world impact of what you build on mission.
This role is RE‑heavy, Windows‑heavy, and hands‑on. You will be the person digging into opaque binaries, identifying strange behaviors, proving out exploitability, and helping shape offensive capabilities.
What You Will Do
Perform in‑depth reverse engineering of Windows binaries, services, and protocols to identify unusual behaviors, weaknesses, and potential exploitation paths.
Develop proof‑of‑concept (PoC) exploits and technical demonstrations that validate findings and inform offensive capabilities.
Contribute to CNO tooling and tradecraft, from small bespoke utilities to more productized capabilities, depending on your interests.
Analyze telemetry and system behavior to surface anomalies and opportunities for collection, persistence, and access.
Work closely with Gauntlet's founders and the prime contractor team to align technical work with mission objectives.
Tech Environment
Platforms: Heavy emphasis on Windows (userland and kernel‑space exposure both useful).
Core Tools: IDA Pro, Ghidra, or similar reverse engineering suites (they are tool‑agnostic as long as you are effective).
Languages (as useful): C/C++, Python, assembly, and scripting for automation and PoCs.
Domain: CNO development, offensive cyber, vulnerability discovery and validation, and operational tooling.
What We Are Looking For Must‑Haves
5–10+ years of hands‑on experience in reverse engineering, exploit development, vulnerability research, or related low‑level security work.
Active Top Secret clearance
(ability to work in SCIF environments as required).
Deep experience with Windows internals and reverse engineering Windows binaries, applications, or drivers.
Strong fluency in IDA Pro, Ghidra, or similar reverse engineering suites.
Demonstrated ability to go from "this looks weird" to root cause analysis to PoC.
Comfort working fully onsite in Herndon, VA or Ballston, VA.
Ability to operate autonomously, own problems end‑to‑end, and communicate clearly with a small, senior team.
Nice‑to‑Haves
Direct experience with CNO development and offensive cyber operations.
Prior work on DoD/IC or large prime contracts (Lockheed, Northrop, Raytheon, etc.).
Experience in kernel‑mode reverse engineering, driver analysis, or deep Windows internals.
Background mentoring other engineers or acting as a technical lead or principal on RE/VR efforts.
Exposure to Linux, embedded, or alternative architectures (ARM, MIPS, etc.) is a plus but not required; the current work is predominantly Windows.
Location and Work Environment
Herndon, VA
Ballston, VA
Onsite Only: This role cannot be performed remotely.
Some SCIF work is required.
Compensation and Benefits
Base Salary: Target
$200,000 - $300,000
(flexible based on experience).
401(k):
6% match .
Insurance: Comprehensive health insurance coverage.
Perks:
Cell phone and home internet fully covered.
Training budget for courses, conferences, and tools that keep you sharp.
Time Off:
4 weeks PTO.
11 federal holidays.
#J-18808-Ljbffr
Principal Reverse Engineer / Vulnerability Researcher . You will not be 1 of a 500‑person program; you will work directly with the co‑founders, shape tooling and tradecraft, and see the real‑world impact of what you build on mission.
This role is RE‑heavy, Windows‑heavy, and hands‑on. You will be the person digging into opaque binaries, identifying strange behaviors, proving out exploitability, and helping shape offensive capabilities.
What You Will Do
Perform in‑depth reverse engineering of Windows binaries, services, and protocols to identify unusual behaviors, weaknesses, and potential exploitation paths.
Develop proof‑of‑concept (PoC) exploits and technical demonstrations that validate findings and inform offensive capabilities.
Contribute to CNO tooling and tradecraft, from small bespoke utilities to more productized capabilities, depending on your interests.
Analyze telemetry and system behavior to surface anomalies and opportunities for collection, persistence, and access.
Work closely with Gauntlet's founders and the prime contractor team to align technical work with mission objectives.
Tech Environment
Platforms: Heavy emphasis on Windows (userland and kernel‑space exposure both useful).
Core Tools: IDA Pro, Ghidra, or similar reverse engineering suites (they are tool‑agnostic as long as you are effective).
Languages (as useful): C/C++, Python, assembly, and scripting for automation and PoCs.
Domain: CNO development, offensive cyber, vulnerability discovery and validation, and operational tooling.
What We Are Looking For Must‑Haves
5–10+ years of hands‑on experience in reverse engineering, exploit development, vulnerability research, or related low‑level security work.
Active Top Secret clearance
(ability to work in SCIF environments as required).
Deep experience with Windows internals and reverse engineering Windows binaries, applications, or drivers.
Strong fluency in IDA Pro, Ghidra, or similar reverse engineering suites.
Demonstrated ability to go from "this looks weird" to root cause analysis to PoC.
Comfort working fully onsite in Herndon, VA or Ballston, VA.
Ability to operate autonomously, own problems end‑to‑end, and communicate clearly with a small, senior team.
Nice‑to‑Haves
Direct experience with CNO development and offensive cyber operations.
Prior work on DoD/IC or large prime contracts (Lockheed, Northrop, Raytheon, etc.).
Experience in kernel‑mode reverse engineering, driver analysis, or deep Windows internals.
Background mentoring other engineers or acting as a technical lead or principal on RE/VR efforts.
Exposure to Linux, embedded, or alternative architectures (ARM, MIPS, etc.) is a plus but not required; the current work is predominantly Windows.
Location and Work Environment
Herndon, VA
Ballston, VA
Onsite Only: This role cannot be performed remotely.
Some SCIF work is required.
Compensation and Benefits
Base Salary: Target
$200,000 - $300,000
(flexible based on experience).
401(k):
6% match .
Insurance: Comprehensive health insurance coverage.
Perks:
Cell phone and home internet fully covered.
Training budget for courses, conferences, and tools that keep you sharp.
Time Off:
4 weeks PTO.
11 federal holidays.
#J-18808-Ljbffr