Job Title

Vulnerability Researcher Job Title: Vulnerability Researcher Location: United Kingdom Employment: Full-Time Start Date: ASAP Clearance: DV/eDV Job Summary: Our Defence Cyber Research Group (CRG) is seeking a technically proficient and analytically minded Vulnerability Researcher with experience in hardware analysis to support advanced research and development activities. As Vulnerability Researcher, you will conduct in-depth technical investigations, developing prototypes, and contributing to the discovery and analysis of emerging threats and vulnerabilities. You must be eligible for or already hold eDV clearance. Key Responsibilities: Hardware teardowns, characterisations and reverse engineering. Extract and recover data from flash memory including NAND, eMMC and SPI. Conduct side channel attacks such as timing attacks, voltage glitching and power analysis. Design and implement hardware/software rapid prototypes to explore novel cyber capabilities and concepts. Analyse network protocols and system behaviours to identify potential security weaknesses. Collaborate with multidisciplinary teams to deliver technical solutions and research outcomes. Document findings and methodologies in a clear and structured manner for internal and external stakeholders. Essential Skills and Experience: Hardware development and prototyping, including PCB design and microcontroller programming. Experience extracting data from flash storage ICs. Familiarity with logic analysers and oscilloscopes. Advanced soldering and desoldering experience. Basic understanding of side channel attack techniques. (experience not required) Proficiency in at least one programming language such as C, C++, or Python. Good working knowledge of Linux-based systems, including command-line tools and system configuration. Demonstrated analytical and problem-solving capabilities, with a methodical and inquisitive approach to technical challenges. Eligible for or hold active eDV clearance Desirable Experience: Reverse engineering using tools such as IDA Pro, Ghidra, or Binary Ninja. Vulnerability research, including exploit development and mitigation bypass techniques. Embedded software development for platforms such as ARM Cortex, AVR, or MIPS. Experience with Radio Frequency (RF) systems, Software Defined Radios (SDRs), 2G/4G/5G, including tools like GNU Radio, Osmocom, srsRAN or USRP. Network engineering experience either home lab or professional. Next Steps: If interested, send your most recent to: so that we can speak in more detail. TPBN1_UKTJ