Offensive Security Researcher (remote)
Corus Group, LLC
Job Info
Position Description
This exciting opportunity is a full-time, permanent position with Converge. We are seeking a highly skilled Offensive Security Researcher with a deep understanding of vulnerability discovery and exploit development. The role focuses on identifying previously unknown (zero-day) vulnerabilities in commercial and open-source software, creating proof-of-concept (PoC) exploits, and working closely with external third parties to mitigate risks. You will be at the forefront of cybersecurity research, analyzing software systems, reverse engineering code, and crafting innovative offensive techniques to identify emerging threats.
Key Responsibilities:
- Conduct vulnerability research across various platforms and technologies (e.g., desktop applications, cloud services, IoT, mobile, embedded systems)
- Use manual inspection, automated tools, and scripts to find vulnerabilities in software and hardware
- Analyze and reverse engineer software to discover security weaknesses and undocumented features
- Develop reliable and weaponized Proof-of-Concept (PoC) exploits for identified vulnerabilities
- Work on fuzzing frameworks, custom tools, and scripts to automate vulnerability discovery
- Collaborate with third parties to ensure timely vulnerability disclosure and patch development
- Document research findings through technical write-ups, advisories, internal reports, and blogs
- Stay up-to-date with the latest security trends, tools, and techniques, and apply them to ongoing research
- Present findings at relevant conferences, webinars, and other public forums
- Advanced knowledge of modern programming languages
- Familiarity with software security concepts, including vulnerability types (e.g., race conditions, privilege escalation, SQLi, XSS)
- Experience in network protocol analysis, packet crafting, and penetration testing tools (e.g., Wireshark, Burp Suite, Metasploit)
- Familiarity with static and dynamic code analysis tools and techniques.
- Familiarity with emulator and virtualization technologies
- Self-starter and requires minimal supervision
- Strong communications skills (written and verbal)
- Strong documentation skills required for deliverable development
- Strong organization skills to effectively manage your own time, calendar and follow-ups
- 3-5 years of hands-on experience in offensive security research, with a proven track record of vulnerability discovery and exploit development
- Prior CVEs to your name
- Strong experience with dynamic analysis and debugging tools such as WinDbg, gdb, Frida, etc
- Experience with fuzzing methodologies and frameworks (e.g., AFL, libFuzzer, Peach, etc.)
- Understanding of modern exploitation mitigations and bypass techniques (e.g., ASLR, DEP, CFG, CFI)
- Experience contributing to open-source security tools or vulnerability databases
- Certifications relevant to the role, such as the OSWE, OSED and/or OSEE
- 4-year college degree in Computer Science or Cybersecurity
This position is remote within the United States.
Total Rewards:
We offer a comprehensive total rewards package that includes base salary, quarterly bonus, healthcare benefits, 401k match, company stock match program, PTO/holiday, training/development and so much more.
Get Hired Faster
Subscribe to job alerts and upload your resume!
*By registering with our site, you agree to our
Terms and Privacy Policy.
Share diversity job
Offensive Security Researcher (remote) is posted on all sites within our Diversity Job Network.
