Vulnerability Researcher II (Cyber260)
Company: Research Innovations
Location: San Antonio
Posted on: April 1, 2026
|
|
|
Job Description:
Research Innovations Inc. (RII) is redefining national security
technology. We combine mission-driven impact with cutting-edge
research and a culture that values autonomy, creativity, and
technical excellence. We are seeking security researchers to
independently explore and exploit complex systems, from kernels to
embedded platforms, to solve the unsolvable. This role combines
deep technical problem-solving with real-world impact on defense
and homeland security systems. Get sit done. This position requires
an Active US Top Secret security clearance, and the ability to
upgrade to TS/SCI Special Access Program access WHAT YOU WILL BE
DOING Conducting in-depth reverse engineering and vulnerability
analysis across various architectures and platforms, including
x86/64, ARM, PowerPC, and more Researching and analyzing operating
system and application internals, identifying and understanding
security strengths and weaknesses of those systems Developing and
enhancing functionality by adding features and capabilities to
undocumented interfaces Modeling and analyzing in-memory compiled
application behavior to identify potential vulnerabilities and
improve security measures Developing and understanding
mobile/embedded systems and kernel modules, particularly related to
vulnerability research Participating actively in our extensive
Vulnerability Research mentorship program, sharing knowledge and
collaborating with colleagues WHAT YOU HAVE DONE Proficient
understanding of wireless networking and associated security
protocols, such as Wi-Fi ( 802.11 ), Bluetooth, or cellular
networks (2G/3G/4G/5G). Familiarity with common vulnerabilities and
attack vectors in wireless communication Strong grasp of legacy
exploit mitigations and bypass techniques, including but not
limited to Address Space Layout Randomization (ASLR), Data
Execution Prevention (DEP/NX), Stack Cookies (Canaries), and
Control Flow Integrity (CFI). Experience in identifying and
circumventing these security measures In-depth knowledge of both
security and network fundamentals, such as cryptography,
authentication, access control, and network protocols (TCP/IP, UDP,
DNS, HTTP, etc.). Understanding the security implications and
potential vulnerabilities associated with these concepts
Programming experience with both scripted languages (preferably
Python3) and compiled languages (preferably C). Ability to write
efficient and secure code for vulnerability research and exploit
development purposes Familiarity with low-level architectures such
as x86, ARM, or MIPS. Understanding the underlying principles,
instruction sets, and memory models of these architectures for
vulnerability identification and analysis Experience with operating
system internals and implementations, including Windows, Linux, or
macOS. Knowledge of system structures, process management, memory
management, and security mechanisms at the kernel level Excellent
oral, written, and interpersonal communication skills, with the
ability to effectively convey complex technical concepts and
interact with customers and team members alike EVEN BETTER
Experience with vulnerability research and reverse engineering of
real-time operating systems (RTOS), such as FreeRTOS, QNX, or
VxWorks. Understanding the unique security challenges and attack
vectors specific to RTOS environments Bachelor's or postgraduate
degree in Computer Science, Computer Engineering, or a related
field Experience with software protection and binary armoring
techniques, such as anti-debugging, code obfuscation, or tamper
resistance. Understanding the methods employed to protect software
from reverse engineering and vulnerability discovery Proficiency in
agile development methodologies, including Scrum or Kanban, for
efficient collaboration and iterative development in a
cybersecurity context Familiarity with low-level iOS/Android
development and associated security considerations, such as
jailbreaking or rooting, application sandboxing, or secure
interprocess communication (IPC) Knowledge of hypervisors and their
security implications, including virtualization-based security,
guest escape vulnerabilities, or hypervisor-based rootkits
Proficiency in malware analysis, including static and dynamic
analysis techniques, behavioral analysis, and code deobfuscation.
Experience in identifying and analyzing malware samples to
understand their capabilities and potential vulnerabilities
Experience with constraint solving techniques, such as symbolic
execution, theorem proving, or model checking, for vulnerability
identification, verification, and exploit generation Background in
machine learning, particularly in the context of vulnerability
analysis and detection, such as using ML techniques to identify
patterns in code or analyze network traffic for anomaly detection
At RII, we believe that diversity in our workforce is critical to
our success. We strive to hire great people from a wide variety of
backgrounds, not just because it’s the right thing to do, but
because it makes us stronger. We work to help your intellectual
passions and creativity thrive. It’s one of our core values: Let
your geek flag fly. We also offer all employees comprehensive
benefits including: flexible work schedules, health insurance
coverage, paid time off, 401k with a company match, paid parental
leave, access to wellness programs and much more. You get this all
from day one, and all paid for by RII. It’s all part of another of
our core values: Stay human. It’s why our comfortable and colorful
offices such as our headquarters, include a community game room,
pantry, massage chair, and an escape room, among other amenities.
It’s why we have community ambassadors and regular community
events. Research Innovations, Inc. is an equal opportunity
employer. All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, sexual
orientation, gender, gender identity or expression, national
origin, genetics, disability status, protected veteran status, age,
or any other characteristic protected by state, federal or local
law. LI-AC1 We may use artificial intelligence (AI) tools to
support parts of the hiring process, such as reviewing
applications, analyzing resumes, or assessing responses. These
tools assist our recruitment team but do not replace human
judgment. Final hiring decisions are ultimately made by humans. If
you would like more information about how your data is processed,
please contact us.
Keywords: Research Innovations, Austin , Vulnerability Researcher II (Cyber260), Engineering , San Antonio, Texas
