Principal Security Researcher

Clarity Innovations is a trusted national security partner, dedicated to safeguarding our nation’s interests and delivering innovative solutions that empower the Intelligence Community (IC) and Department of Defense (DoD) to transform data into actionable intelligence, ensuring mission success in an evolving world.

Our mission-first software and data engineering platform modernizes data operations, utilizing advanced workflows, CI/CD, and secure DevSecOps practices. We focus on challenges in Information Warfare, Cyber Operations, Operational Security, and Data Structuring, enabling end-to-end solutions that drive operational impact.

We are committed to delivering cutting-edge tools and capabilities that address the most complex national security challenges, empowering our partners to stay ahead of emerging threats and ensuring the success of their critical missions. At Clarity, we are people-focused and set on being a destination employer for top talent, offering an environment where innovation thrives, careers grow, and individuals are valued. Join us as we continue to lead innovation and tackle the most pressing challenges in national security.

• Perform vulnerability research and reverse engineering for customer tasks 
• Perform static and dynamic analysis applying research tools such as disassemblers, debuggers, and fuzzers 
• Be able to communicate security research findings internally and, when and where it is appropriate, externally
• Mentor fellow security researchers

• Must be able to obtain and maintain a TS/SCI security clearance (note, only US Citizens are eligible for security clearances)
• Bachelors degree in Computer Engineering, Computer Science, Software Engineering, or a related technical discipline. Degree requirement can be met with four years of hands on experience in a software engineer or similar full time position
• Experience with Ghidra, Binary Ninja, IDA or other reverse engineering/disassembler tools
• Experience working in Linux fundamentals (strong grasp of sockets, file descriptors, networking, iptables, file systems, kernel, etc.)
• Ability to read and write C and assembly languages as needed (ARM, MIPS, X86) with some oversight or supervision
• Strong programming fundamentals; particularly with networking, data structures, and data models
• Strong knowledge of AndroidOS
• Strong knowledge of reverse engineering and vulnerability research
• Documented ability to develop exploits for common vulnerability classes

• Currently possess a Top Secret security clearance
• OS and kernel reverse engineering 
• Mitigation circumvention
• Chrome v8 JS engine exploitation experience
• Chrome IPC exploitation experience 
• Understanding of fuzzers 
• Strong understanding of dynamic analysis with gdb/gdbserver and similar tools
• Basic understanding of processor tool chains and how to set them up
• Understanding of emulation using Qemu for running binaries in a non-native environment
• Experience identifying 0-days and vulnerabilities