Senior Vulnerability Researcher – Windows / CNE

M9 Solutions

Arlington, Virginia

JOB DETAILS
SKILLS
Accounting, Affirmative Action, Analysis Skills, Applications Security, Architectural Analysis, Assembly Language, Automation, Business Analysis, C Programming Language, C++ Programming Language, Cloud Applications, Communication Skills, Compensation and Benefits, Computer Security, Data Analysis, Debugging Skills, Debugging Tools, Device Drivers, Federal Contracts, Federal Government, Federal Laws and Regulations, Finance, Government Contracts, IDA Pro, Infrastructure Software, Internet Security, Kernel Programming, Machine Tool, Memory Management, Microsoft Windows Operating System, Microsoft Windows System Internals/Programming, On Site Support, Operating Systems, Operations Research, Performance Management, Process Modeling, Project/Program Management, Prototyping, Python Programming/Scripting Language, Rehabilitation Act, Research Skills, Reverse Engineering, Scripting (Scripting Languages), Sensitive Compartmented Information (SCI), Small Business, Software Development, Technical Support, Technical Writing, Top Secret Clearance, Virtualization, WinDbg, x86 Processors
LOCATION
Arlington, Virginia
POSTED
24 days ago

M9 Solutions is dedicated to providing IT services and solutions to the Federal Government by mobilizing the right people, skills, clearance levels, and technologies to help organizations that desire improved performance and modern, sustainable change. M9 has provided quality IT services and support to more than 30 Federal Agencies and multiple commercial customers nationwide. Our capabilities include IT Talent Solutions, Data Delivery & Analytics, Cyber Security, Cloud Migration, Applications and Infrastructure, Software Development, and Finance & Accounting.

 

M9 Solutions is seeking a Senior Vulnerability Researcher – Windows / CNE to work on-site in support of a government contract for a client located in Arlington, VA. An active TS/SCI clearance is required.

Responsibilities

  • Lead advanced vulnerability research on Windows operating systems, applications, and core OS components (including kernel and drivers).
  • Analyze, reverse engineer, and understand complex vulnerabilities to support CNE/CNO missions.
  • Use tools such as IDA Pro, Ghidra, Binary Ninja, and WinDbg/x64dbg for in‐depth binary analysis and debugging, including creating or extending custom tooling when needed.
  • Own end‐to‐end research on difficult, poorly documented Windows targets with minimal guidance, from scoping and experimentation through proof‐of‐concept.
  • Develop and document technical approaches, findings, and PoCs to validate vulnerabilities and exploitation paths.
  • Continuously explore and prototype novel techniques for vulnerability discovery and exploitation on modern, mitigated Windows platforms.
  • Collaborate with mission and engineering teams to translate research into operational capabilities.
  • Act as the senior technical point of contact and subject‐matter expert for Windows vulnerability, exploitation, and OS‐internals questions.

Required Skills and Qualifications

  • Active TS/SCI clearance.
  • 3+ years in vulnerability research, exploit development, or CNE‐focused reverse engineering, with a sustained focus on Windows (user and kernel mode) rather than general app security or pen‐testing.
  • Deep, practical understanding of Windows internals (kernel architecture, drivers, memory management, system calls, process/thread models, and security mechanisms).
  • Strong CNE/CNO background; experience leveraging vulnerabilities in support of real‐world operations or mission environments.
  • Demonstrated track record solving very hard, low‐level technical problems with minimal guidance, including on research efforts where many others have struggled to make progress.
  • Demonstrated experience discovering and exploiting non‐trivial vulnerabilities in modern, mitigated Windows environments (e.g., ASLR, DEP, CFG, virtualization‐based security).
  • Hands‐on experience with reverse engineering and debugging tools (IDA Pro, Ghidra, Binary Ninja, WinDbg, x64dbg, etc.).
  • Fluency in x86/x64 assembly and strong C/C++ skills, plus scripting experience (e.g., Python) for automation, tooling, and PoCs.
  • Strong analytical mindset and ability to clearly communicate complex technical findings to both technical and non‐technical stakeholders.

Full-Time Employee Compensation

  • M9 Solutions’ pay range for this position is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include, but are not limited to, responsibilities of the position, education, experience, knowledge, skills, abilities, as well as internal equity, location, alignment with market data, applicable bargaining agreement (if any), or other law.
  • M9 Benefits - https://m9solutions.com/why-join-m9/#our-benefits

Salary Range

$160,000 - $220,000USD

M9 Solutions, LLC (M9) is a Federal sub-contractor and we comply with all applicable federal laws prohibiting discrimination in employment, including Title VII of the Civil Rights Act of 1964. We also adhere to the affirmative action requirements of the Vietnam Era Veterans' Readjustment Assistance Act (VEVRAA) and Section 503 of the Rehabilitation Act, ensuring equal opportunity for veterans and individuals with disabilities. Please click here to complete M9's Voluntary Self-Identification Form and then email it to 

hr@m9solutions.com

. If you need accommodation during the application process or encounter difficulties using our website, please contact our Human Resources Department at 

hr@m9solutions.com

 or 703-936-0880 

M9 Solutions is a proud participant in the Virginia Values Veterans (V3) program and supports the Military Medics and Corpsmen (MMAC) initiative, demonstrating our commitment to hiring and supporting veterans, transitioning service members, military spouses, and dependents. 

With 15+ years of proven delivery and growth, M9 Solutions is a unique small business with credible past performance and key capabilities offering project management services, solution architects, business analysts, program managers, technical architects, and technical consultants. M9 was recognized as an Inc. 5000 Fastest-Growing Private Companies in 2021, 2020, 2019, 2018, 2017, 2016, and 2012. M9 Solutions believes that work should be fun, rewarding, and something everyone can be excited about. We offer a competitive compensation package and value diverse perspectives in driving the vision of the company. 

About the Company

M

M9 Solutions

With 12+ years of proven delivery and steady growth, M9 is a unique small business with credible past performance and key capabilities DELIVERING THE DIGITAL FUTURE ℠ to the public sector.
Inc. 500 2011
Inc. 5000 Fastest-Growing Private Companies 2020, 2019, 2018, 2017, 2016, 2012

COMPANY SIZE
100 to 499 employees
INDUSTRY
Government and Military
FOUNDED
2007
WEBSITE
https://m9solutions.com/