Vulnerability Researcher

Title:

Why Join Us

• Innovative Projects: KBRs work is at the forefront of engineering logistics operations science program management mission IT and cybersecurity solutions.

• Collaborative Environment: Be part of a dynamic team that thrives on collaboration and innovation fostering a supportive and intellectually stimulating workplace.
• Impactful Work: Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense.

KBR is seeking a Vulnerability Researcher to support vulnerability discovery and validation efforts against embedded systems and this role you will focus on handson vulnerability research including building emulationbacked test environments developing fuzzing workflows performing crash triage and rootcause analysis and assisting with proofofconcept exploit development in a controlled lab setting.

The Vulnerability Researcher works closely with reverse engineers and senior vulnerability researchers to deliver reproducible findings and highquality technical documentation for government customers while continuing to deepen technical proficiency across missionrelevant domains.

Key Responsibilities

• Conduct vulnerability research on embedded targets using assetsafe approaches such as emulation virtualization and controlled experimentation
• Develop and execute fuzzing campaigns including target setup fuzz harness development seed/corpus management and coveragedriven testing
• Perform crash triage and rootcause analysis to identify and characterize security vulnerabilities
• Assist in the development of proofofconcept exploits to validate vulnerability impact in controlled laboratory environments
• Create and maintain test harnesses and supporting infrastructure to exercise payload delivery and validate behavior repeatably
• Reverse engineer firmware and binaries as needed to understand vulnerable code paths and exploitation constraints
• Collaborate with vulnerability researchers reverse engineers and developers support mission objectives
• Document findings and produce technical reports and artifacts suitable for release
• Research and apply new vulnerability research tools and techniques under senior technical guidance

Minimum Qualifications

• Security Clearance: Must have an active U.S. government Secret security clearance which is something only a U.S. citizen can obtain
• Bachelors degree in Computer Engineering Electrical Engineering Computer Science or a related field
• 49 years of experience in vulnerability research reverse engineering or exploit development
• Strong understanding of embedded systems firmware operating systems and lowlevel software behavior
• Proficiency in C/C Python and assembly for vulnerability research harness development and automation
• Experience with embedded emulation environments
• Experience with coverageguided fuzzing fuzz harness development and crash triage workflows

Preferred Qualifications

• Experience developing proofofconcept exploits for vulnerability validation
• Exposure to analysis techniques such as symbolic execution concolic execution or taint analysis
• Experience with hardwarefocused vulnerability research or embedded security testing
• Demonstrated ability to communicate technical findings clearly in written reports

Basic Compensation:$99200 - $130000 (For Beavercreek OH Only)
The offered rate will be based on the selected candidates knowledge skills abilities and/or experience and in consideration of internal parity.

Belong Connect and Grow at KBR

At KBR we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to and ongoing journey toward being a People First company. That commitment is central to our team of teams philosophy and fosters an environment where everyone can Belong Connect and Grow. We Deliver Together.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion disability sex sexual orientation gender identity or expression age national origin veteran status genetic information union status and/or beliefs or any other characteristic protected by federal state or local law.