Experienced Vulnerability Researcher

🔒 Confidential Employer
Posted 20 August 2025
LOCATION
Cheltenham
TYPE
Full-time
LEVEL
Mid-Senior level
CATEGORY
Cyber Security
This employer holds a UK Home Office sponsor license — sponsorship for this specific role is at the employer’s discretion

SKILLS

Reverse engineering ARM/ARM64/MIPS C/C++ Bug hunting Ethical hacking Linux Android Vulnerability research

FULL DESCRIPTION

Summary

CoreTech is seeking an experienced Vulnerability Researcher to join their team in Cheltenham. The role involves researching vulnerabilities, reverse engineering, and developing solutions for cyber security clients. Candidates should have a background in bug hunting, ethical hacking or reverse engineering and possess skills in areas such as ARM, C/C++, and Linux.

Key Responsibilities/Duties:

  • Developing a deep understanding of how Android mobile devices work, from applications to kernel.
  • Reverse engineering proprietary binaries using your knowledge of ARM, ARM64, and MIPS.
  • Auditing C and C++ source code, spotting security flaws that others haven’t.
  • Growing the team’s capabilities by developing novel tools and techniques to enable cutting-edge vulnerability research.
  • Working in tandem with other hugely talented vulnerability researchers and software engineers.
  • Designing and producing niche solutions with immediate real-world impact.

Core Requirements/Qualifications/Skills:

  • Reverse engineering in IDA Pro or Ghidra.
  • Familiarity with one or more of ARM, AARCH64, x86, x64 and MIPS.
  • Knowledge of bug hunting / vulnerability research.
  • Ethical hacking, including familiarity with web/network technologies.
  • Knowledge of exploitation techniques and mitigations.
  • Experience and knowledge of Linux and its internals.
  • Experience and knowledge of Android or iOS and its internals.
  • A good understanding of the C or C++ language.

Typical tasks might include

- Developing a deep understanding of how Android mobile devices work, from applications to kernel.

- Reverse engineering proprietary binaries using your knowledge of ARM, ARM64, and MIPS.

- Auditing C and C++ source code, spotting security flaws that others haven’t.

- Growing the team’s capabilities by developing novel tools and techniques to enable cutting-edge vulnerability research.

- Working in tandem with other hugely talented vulnerability researchers and software engineers.

- Designing and producing niche solutions with immediate real-world impact.

An ideal candidate will

- Have a passion for cyber security.

- Thrive on solving difficult and complex problems.

- Have a genuine interest in bug hunting and be familiar with recent vulnerabilities.

- Enjoy sharing their knowledge and working with team members.

Your Experience

- Reverse engineering in IDA Pro or Ghidra.

- Familiarity with one or more of ARM, AARCH64, x86, x64 and MIPS.

- Knowledge of bug hunting / vulnerability research.

- Ethical hacking, including familiarity with web/network technologies.

- Knowledge of exploitation techniques and mitigations.

- Experience and knowledge of Linux and its internals.

- Experience and knowledge of Android or iOS and its internals.

- A good understanding of the C or C++ language.

This vacancy is for experienced researchers and will require skills and experience in several of the areas listed as well as the ability to lead technical projects. If you do not meet these requirements please check our other vacancies which have different skills requirements.

Work Benefits

- Promotions are based on technical excellence and reviewed regularly.

- 25 days holiday per year (with bank holidays on top), option to buy up to 5 days per year.

- Level up with an extra day of holiday per year, up to an extra 5 days, starting from 2 years' service.

- We offer financial support to cover HMRC allowable costs of relocating if you’re moving to the area.

- Training and development opportunities to support your career aspirations

- O'Reilly books subscription which provides access to huge range of technical books

- Regular events including internal technical conferences, company socials and pizza-fuelled lunchtime seminars.

- Free seasonal fruit, tea, coffee, milk, squash and hot chocolate.

Health Benefits - Private medical including access to:

- Private online GP, and a helpline to speak with various healthcare professionals.

- Physiotherapists, osteopaths or chiropractors for muscle, bone, and joint pain.

- Mental health - counselling, and specialist consultations and treatment with psychologists and cognitive behavioural therapists.

- Annual Health assessment.

Financial Benefits

- A company bonus scheme so that everybody is rewarded for company success. This is an annual award that is based on the company hitting its targeted forecast. We have achieved this every year to date.

- 8% company contribution to pension with no minimum requirement for employee contribution.

- Death in Service cover of 4x base salary.

Lifestyle Benefits

- Enhanced maternity/paternity/adoption leave: 12 weeks maternity leave at full pay as soon as you join, further enhanced to 20 weeks full pay from 2 years’ service. 2 weeks paternity leave at full pay as soon as you join, further enhanced to 4 weeks full pay from 2 years’ service.

- Enhanced cycle-to-work scheme including the ability to purchase a bike over £1,000 (e-bikes, specialist cycles and trikes allowed).

Salary

This vacancy is for an experienced Vulnerability Researcher; we are able to support market-leading salaries for every grade within our sector/location. We reward staff based on technical excellence and not years of experience, so it's important to us to speak with you to see which grade you would fit into - it's not always obvious from a CV! Your interviewer will spend time during your first interview speaking with you about how your skills and experience map against our grades, and discuss a salary band so that you know early what you can expect if you receive an offer from us. The technical interview will provide a deeper assessment of your skills against your mapped grade which ultimately determines whether you receive an offer and the exact salary.

Location

We are based in the centre of Cheltenham in a stunning new build contemporary office, 5 minutes walk from the local shops and cafes. Our website has a few pictures, which you can take a look at.

Additional Details

Our interview process is quick and to the point: if you look like a good fit for the role, we'll schedule a brief call to discuss it in more detail and answer any questions you may have. If that goes well, we'll arrange a technical interview to understand your level of experience. We aim to get back to you with an answer within a couple of days of the technical interview.

Please note, due to sensitivity of the role, successful applicants must be British Citizens and willing to undergo extensive background checks to obtain a security clearance.

If you’re looking for a challenging role where you can make a real impact in the world, in a friendly environment and with all the support to advance your career, click apply.

Sign up free — access 45,000+ UK sponsor-licensed jobs