Vulnerability Researcher (Software)

Vulnerability Researcher - Cheltenham, UK

• Base salary up to £85,000 depending on experience
• Hybrid working, average 3 days onsite per week
• Active SC clearance required minimum

About the client

Our client is a highly respected UK organisation delivering advanced cyber and security research for critical national programmes. They invest heavily in innovation, technical excellence, and long-term capability building. Due to continued growth in specialist research projects, they are now looking to appoint an experienced Vulnerability Researcher.

The benefits

• Compressed working week option (4 or 4.5 days)
• Annual bonus scheme
• Enhanced family friendly and sick pay policies
• Access to flexible benefits including health and wellbeing options
• Additional cash bonus opportunities

The Vulnerability Researcher role

As a Vulnerability Researcher, you will carry out deep technical research into complex software systems, identifying vulnerabilities and exploring novel attack techniques across modern platforms.

You will work closely with multidisciplinary teams to design prototypes, test hypotheses, and document findings that directly influence future cyber capabilities.

Key responsibilities include:

• Reverse engineering of software binaries and applications
• Conducting vulnerability research across operating systems, applications, and network services
• Developing proof of concepts and exploits to demonstrate impact
• Analysing system behaviour, APIs, and network protocols to uncover security weaknesses
• Fuzzing and dynamic analysis of software to identify unknown vulnerabilities
• Contributing to tool development to support vulnerability discovery and analysis
• Producing clear technical documentation for a range of stakeholders

Vulnerability Researcher essential skills

• Previous experience in software vulnerability research or exploit development
• Solid programming skills with C, C++, Python, or similar
• Experience with reverse engineering tools such as Ghidra, IDA Pro, or Binary Ninja
• Understanding of operating system internals, particularly Linux or Windows
• Experience with debugging tools and techniques

Desirable experience

• Experience in exploit mitigation bypass techniques (ASLR, DEP, sandbox escape)
• Familiarity with fuzzing frameworks and automated testing approaches
• Exposure to network protocols and distributed systems
• Scripting or automation experience for vulnerability discovery workflows
• Knowledge of secure software development practices
• Experience working in research led or highly technical environments

Key skills

Vulnerability Researcher, software security, reverse engineering, exploit development, Linux, Windows internals, fuzzing, C, C++, Python, cyber research, NSD