Vulnerability Researcher

Location(s): Manchester

BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.
 

Our world-class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record, to those with a keen interest and aptitude looking to develop their skills in this exciting space!

We have an existing community of technical specialists across our Gloucester and London locations and we are now looking to grow our new Manchester hub to the same level. We are looking for enthusiastic and eager individuals, who are excited by the prospect of helping to build our new Manchester Operational Cyber practice from the ground up.

We offer a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available.

Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges.

 What you will be doing for us:

• Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms.
• Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed.
• Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems.
• Developing junior members of staff with a keen interest in RE and VR to realise their potential.

 
Ideal candidate background:

• An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges).
• Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between.
• Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts.
• Proficient in at least one programming language (e.g. Python, Java, C#, C++)

How you will be supported:

• Work-life balance is important; you’ll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before
• You can work around core hours with flexible and part-time working
• Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more
• You’ll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence
• Don’t know a particular technology? Your learning and development is key to your future career
• You’ll be part of our bonus scheme
• You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing.

Why BAE Systems?
This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity, rewards integrity and merit, and where you’ll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently under represented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals.

We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks
 

Life at BAE Systems Digital Intelligence 

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.

By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.

Division overview: Government

At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating.

As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.