Vulnerability & Exploitation Specialist

Job Description

Job Description

What Impact You'll Have:

Our team conducts Vulnerability Research and Reverse Engineering in a rapid prototyping, R&D environment. On this highly-visible program, you can get your hands dirty with a wide variety of tools and systems and get a chance to do some of the really cool things that can be done with a CNO skill set. The project consists of small teams working closely with customers to respond to specific mission needs, create new tools and techniques, and address ongoing challenges. This work is very hands-on, and the culture supports developing talent and letting smart people grow and tackle real-world challenges in a flexible, fun environment. On this project you could work with C/C++, Python, Assembly (x86/x64), Java, mobile OS's, windows, linux, RE and debugging tools, and more. Work on this program takes place in both customer and contractors SCIFs in the Annapolis Junction, MD area (we cannot support remote work) and requires a TS/SCI + Poly clearance (acceptable to this customer).

What You'll Be Owning:

GRVTY is seeking a Vulnerability & Exploitation Specialist with a TS/SCI + Poly clearance (applicable to this customer) to join one of our top projects in Annapolis Junction, MD. We are looking for candidates who have discovered a 0-day vulnerabilities or a list of CVEs (public vulnerability disclosures) they discovered or contributed to. We are also looking for any specific work they've done exploiting vulnerabilities.

What You Must Have:

• Active TS/SCI with Polygraph Clearance
• Skills/experience listed out in order of priority:
• 0-day vulnerabilities or CVEs discovered and attributed to themselves
• History performing vulnerability research
• Experience with writing or using fuzzers – AFL, LibFuzzer, ClusterFuzz, oss-fuzz
• Experience with code analysis tools – CodeQL, Joern, Semgrep
• History of exploiting or productizing 0-day vulnerabilities
• History of exploiting or productizing n-day vulnerabilities/CVEs/publicly disclosed vulnerabilities
• History of reverse engineering malware or other code for CNE purposes
• Experience with reverse engineering tools – Ghidra, Ida Pro, Binary Ninja Experience using debuggers – GDB or WinDbg
• Experience writing, navigating, and building C/C++ code
• Experience with tools like VsCode, Visual Studio, VIM/Emacs
• Familiarity with ARM or MIPS architectures and Linux variants
• We also use Python to write a lot of our tools, so that is good to see

#LI-BPJ

Pay Range: At GRVTY, we understand that compensation is influenced by many factors—such as geographic location, federal contract labor categories, wage rates, prior experience, skillsets, education, and certifications.
We're proud to offer a work environment that empowers our team to achieve a strong work-life balance. GRVTY provides competitive pay, comprehensive benefits, and meaningful opportunities for professional growth.
Our benefits package is designed to support the well-being of our employees and their families, and includes coverage in areas such as healthcare, financial wellness, retirement planning, family assistance, continued education, and paid time off.

Pay Range

$180,000—$230,000 USD

Why Choose GRVTY

The toughest national security challenges demand vision and ingenuity, not just resources. We deliver mission and technical expertise to outpace our adversaries. We're purpose-built to tackle the most entrenched, systemic national security issues around the world.

We partner with our customers to help them overcome challenges in every corner of technology and defense—including the ones still being explored. Our growing capabilities create complementary advantages, giving on-the-ground operations the edge they need to succeed. We muster everything we have to answer every challenge presented, every day of our lives.

At GRVTY, we believe that when our employees thrive, our company thrives. That's why we offer a comprehensive and competitive benefits package designed to support your well-being, growth, and work-life balance.

• Robust health plan including medical, dental, and vision

• Health Savings Account with company contribution

• Annual Paid Time Off and Paid Holidays

• Paid Parental Leave

• 401k with generous company match

• Training and Development Opportunities

• Award Programs

• Variety of Company Sponsored Events

EEO Statement

GRVTY, is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran and will not be discriminated against on the basis of disability.

Anyone requiring reasonable accommodations should email  View email address on ziprecruiter.com or call View phone number on ziprecruiter.com with requested details.  A member of the HR team will respond to your request within 2 business days. 

Know Your Rights: Workplace Discrimination is Illegal (eeoc.gov) 

Please review our current job openings and apply for the positions you believe may be a fit. If you are not an immediate fit, we will also keep your resume in our database for future opportunities.