Offensive Security Researcher (remote) - Converge Technology Solutions : Job Details

Position Description

This exciting opportunity is a full-time, permanent position with Converge. We are seeking a highly skilled Offensive Security Researcher with a deep understanding of vulnerability discovery and exploit development. The role focuses on identifying previously unknown (zero-day) vulnerabilities in commercial and open-source software, creating proof-of-concept (PoC) exploits, and working closely with external third parties to mitigate risks. You will be at the forefront of cybersecurity research, analyzing software systems, reverse engineering code, and crafting innovative offensive techniques to identify emerging threats.

Key Responsibilities:

• Conduct vulnerability research across various platforms and technologies (e.g., desktop applications, cloud services, IoT, mobile, embedded systems)
• Use manual inspection, automated tools, and scripts to find vulnerabilities in software and hardware
• Analyze and reverse engineer software to discover security weaknesses and undocumented features
• Develop reliable and weaponized Proof-of-Concept (PoC) exploits for identified vulnerabilities
• Work on fuzzing frameworks, custom tools, and scripts to automate vulnerability discovery
• Collaborate with third parties to ensure timely vulnerability disclosure and patch development
• Document research findings through technical write-ups, advisories, internal reports, and blogs
• Stay up-to-date with the latest security trends, tools, and techniques, and apply them to ongoing research
• Present findings at relevant conferences, webinars, and other public forums

Skills and Qualifications:

• Advanced knowledge of modern programming languages
• Familiarity with software security concepts, including vulnerability types (e.g., race conditions, privilege escalation, SQLi, XSS)
• Experience in network protocol analysis, packet crafting, and penetration testing tools (e.g., Wireshark, Burp Suite, Metasploit)
• Familiarity with static and dynamic code analysis tools and techniques.
• Familiarity with emulator and virtualization technologies
• Self-starter and requires minimal supervision
• Strong communications skills (written and verbal)
• Strong documentation skills required for deliverable development
• Strong organization skills to effectively manage your own time, calendar and follow-ups

Experience:

• 3-5 years of hands-on experience in offensive security research, with a proven track record of vulnerability discovery and exploit development
• Prior CVEs to your name
• Strong experience with dynamic analysis and debugging tools such as WinDbg, gdb, Frida, etc
• Experience with fuzzing methodologies and frameworks (e.g., AFL, libFuzzer, Peach, etc.)
• Understanding of modern exploitation mitigations and bypass techniques (e.g., ASLR, DEP, CFG, CFI)

Preferred:

• Experience contributing to open-source security tools or vulnerability databases
• Certifications relevant to the role, such as the OSWE, OSED and/or OSEE
• 4-year college degree in Computer Science or Cybersecurity

Work Environment:

This position is remote within the United States.

Total Rewards:

We offer a comprehensive total rewards package that includes base salary, quarterly bonus, healthcare benefits, 401k match, company stock match program, PTO/holiday, training/development and so much more.

Converge Technology Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.