Title: Senior Vulnerability Researcher
KBR is seeking a Senior Vulnerability Researcher to lead vulnerability discovery and validation against embedded systems and firmware. This role owns end-to-end vulnerability research: building emulation-backed test environments, designing fuzzing and analysis workflows, performing crash triage and root-cause analysis, and developing proof-of-concept exploits to validate impact in a controlled lab setting.
The Senior Vulnerability Researcher provides technical leadership, mentors engineers into defined proficiencies, and works directly with government customers to deliver reproducible findings and scalable research capability.
Key Responsibilities:
• Lead and mentor vulnerability researchers; set technical direction and intentionally develop individual proficiencies • Execute vulnerability research on embedded targets using asset-safe approaches • Build and maintain fuzzing pipelines, including target selection, harness development, seed/corpus management, and coverage-driven campaign design • Perform crash triage, exploitability assessment, and root-cause analysis • Develop proof-of-concept exploits to demonstrate vulnerability impact in controlled labs • Create controlled test harnesses and orchestration to exercise payload delivery and validate behavior deterministically across runs • Reverse engineer firmware/binaries as needed to understand vulnerable code paths, exploitation constraints, and exploit mechanics • Engage customers to understand mission outcomes and shape scalable research approaches • Produce high-quality technical reports and supporting artifacts suitable for release
Minimum Qualifications:
Security Clearance: Must have an active U.S. government Secret security clearance, which is something only a U.S. citizen can obtain.
Education: Master's degree in Computer Engineering, Electrical Engineering, Computer Science, or a related field.
10+ years of experience, including at least 5 years in vulnerability research, reverse engineering, or exploit development.
Strong understanding of embedded systems, firmware, operating systems, and low-level software behavior.
Proficiency in C/C++, Python, and assembly for vulnerability research, harness development, and automation.
Experience building emulation-backed analysis environments.
Demonstrated experience with coverage-guided fuzzing, harness development, and crash triage workflows.
Demonstrated ability to produce proof-of-concept exploits for vulnerability validation.
Demonstrated leadership, mentorship, and customer engagement experience.
Preferred Qualifications:
Experience with hybrid fuzzing and advanced analysis techniques.
Experience scaling fuzzing or dynamic testing programs.
Experience with hardware security research.
Publications, reports, or presentations in vulnerability research or embedded security.
Basic Compensation: $142,000 - $213,000 (For Beavercreek, OH Only)
The offered rate will be based on the selected candidate's knowledge, skills, abilities and/or experience and in consideration of internal parity.
Additional Compensation:
KBR may offer bonuses, commissions, or other forms of compensation to certain job titles or levels, per internal policy or contractual designation. Additional compensation may be in the form of a sign on bonus, relocation benefits, short-term incentives, long-term incentives, or discretionary payments for exceptional performance.
Belong, Connect and Grow at KBR
At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team's philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver - Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
When you become part of the When you become part of the KBR team, your opportunities are endless. As a leading global technology, engineering, procurement and construction company serving the hydrocarbons and government services industries. For decades it has been the company that customers turn to for their most challenging assignments.
With operations in 40 countries, KBR has more than 25,000 people delivering services to customers in over 70 countries. Together they represent an unmatched reservoir of talent and experience in a wide range of markets.
Whatever the assignment, no matter how complex or demanding, KBR can marshal resources across every product line to respond quickly and effectively to changing markets and customer needs.
Whether it's providing the technology and consulting know-how to develop our customers' valuable assets; designing and constructing the infrastructure and facilities to develop energy resources in some of the world's more remote and challenging locations; providing support and services for men and women of their countries' armed forces; or navigating the intricacies of undertaking major projects in geopolitically or culturally sensitive environments, our clients depend on KBR because they know that We Deliver.
Join us and you'll be part of a dynamic, elite team of professionals who understand what it takes to get a job done and has the experience, knowledge and determination to succeed.”