Sr. Exploit Developer (Cheltenham UK)

Company Overview

VulnCheck delivers next-generation exploit and vulnerability intelligence solutions for enterprise, Government and product teams to prevent large-scale remote code execution events with better, faster exploit data, massive-scale real-time monitoring and predictively-built detection artifacts. VulnCheck’s 300M+ unique data from 400+ sources points help vulnerability management and response teams outpace adversaries - autonomously. VulnCheck is an RSAC Innovation Sandbox finalist and a Black Hat Startup Spotlight finalist.   

Job Summary

VulnCheck is looking for a Senior Exploit Developer with a background in reverse engineering & exploit development. This role is a Senior level position.

Location

This is a 100% remote role but we're primarily looking for candidates in Cheltenham, United Kingdom.

Why Join VulnCheck?

VulnCheck stands behind its mission to influence how organizations worldwide understand, assess, and remediate security vulnerabilities - and to deliver intelligence-based solutions that change the world. 

You’ll be joining a collaborative, supportive environment that values intellectual curiosity, technical mastery, and personal growth. (And more - below) 

• Leverage your expertise: Work on cutting-edge threat intelligence initiatives that matter, alongside the top domain experts in the field.
• Shape the industry: Influence how vulnerabilities are classified, scored, mapped, and remediated at scale for enterprise customers and for the entire cybersecurity industry.
• Grow your impact: Collaborate with global partners, lead high-visibility projects, and drive standards across the security community.
• Innovate and explore: Conduct research and develop tools for automating and improving vulnerability enrichment and mapping.

Key Responsibilities

• Reverse engineering software to discover the root cause analysis (RCA) of vulnerabilities.
• Authoring original software exploits for initial access vulnerabilities, when little or no publicly-available proof of concept code for exploiting such vulnerabilities exists.
• Implementing detections (such as Suricata & Snort signatures, YARA rules, etc.) for identifying such initial access vulnerabilities being exploited on the wire
• Writing Attack Surface Management (ASM) queries (e.g., Shodan, Census, FOFA, & ZoomEye) for finding vulnerable systems likely to be targeted

Required Qualifications

• Prior experience with writing exploit code for RCE / initial access vulnerabilities (that do not require authentication to exploit)
• Experience working on technical projects remotely, alone, and on small teams

Preferred Qualifications

• Prior Cybersecurity work experience (at a vendor or in Government).
• Able to share example exploit code written.

Benefits

• Competitive compensation package.
• Flexible work arrangements with the option to work remotely 100% of the time.
• Dynamic work environment with opportunities for growth and advancement.
• Access to continuous learning and development programs.

Ready to move from enabling the ecosystem to leading its evolution? Apply now and help us protect what matters most!