Back to search

Vulnerability Researcher

BAE Systems

Job Description

Vulnerability Researcher

Location: Gloucester, Manchester or London

Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space!

We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available.

Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges.

Job Summary

  • Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms
  • Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed
  • Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems
  • Developing junior members of staff with a keen interest in RE and VR to realise their potential

Ideal candidate background:

  • An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges)
  • Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between
  • Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts
  • Proficient in at least one programming language (e.g. Python, Java, C#, C++)

How you will be supported:

  • Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before
  • You can work around core hours with flexible and part-time working
  • Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more
  • You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Digital Intelligence
  • Don't know a particular technology? Your learning and development is key to your future career
  • You'll be part of our bonus scheme
  • You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing

Security Clearance is required for this vacancy. If you are not currently Security Cleared, you will need to be eligible for this and willing to go through the process. For more guidance on National Security Vetting please click here.

Life at BAE Systems Digital Intelligence

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential.

About BAE Systems Digital Intelligence

We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.

Division overview: Government

At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating.

As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.

Good luck with your application