Cyber Vulnerability Research Engineer

Description & Requirements

Maximus is a trusted federal partner supporting mission-critical programs across national security, defense, and public service delivery. Recent contract awards in cybersecurity and operational readiness underscore Maximus' role as a reliable prime for high-impact government missions. Joining Maximus means contributing to meaningful work in fast-paced environments alongside professionals committed to service, accountability, and results.

This position is contingent upon contract award and position availability. Selected candidates will receive a contingent offer of employment, which will become final only upon successful contract award to Maximus, availability of the position, and receipt of authorization to proceed.

This role is onsite, five days a week, and requires a TS/SCI security clearance.

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS033, T3, Band 6

Job-Specific Essential Duties and Responsibilities:

- Conduct advanced vulnerability research across software, firmware, and hardware platforms to uncover exploitable conditions.

- Reverse engineer binaries and embedded systems using tools like IDA Pro, Ghidra, and x64dbg to identify zero-day vulnerabilities.

- Develop and test proof-of-concept exploits in controlled environments to validate findings.

- Collaborate with red and blue teams to simulate adversarial tactics and strengthen defensive cyber capabilities.

- Contribute to vulnerability databases and automated detection tools to support enterprise cyber resilience.

- Integrate findings into secure software development lifecycles (SSDLC) and DevSecOps pipelines.

- Present technical research and threat assessments to stakeholders, translating complex findings into actionable recommendations.

Job-Specific Minimum Requirements:

- Bachelor's degree in Computer Science, Cybersecurity, or a related field.

- Minimum 5 years in technology consulting.

- At least 3 years supporting federal government or DoD environments.

- One of Required Certifications:

- Offensive Security Certified Professional (OSCP).

- Offensive Security Certified Expert (OSCE).

- GIAC Reverse Engineering Malware (GREM).

- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN).

- Proficiency in reverse engineering and exploit development.

- Experience with debuggers/disassemblers (e.g., IDA Pro, Ghidra, x64dbg).

- Strong understanding of software/hardware vulnerabilities (e.g., buffer overflows, logic flaws).

- Proficiency in assembly, C/C++, and scripting languages (Python, Bash, PowerShell).

- Familiarity with vulnerability research frameworks and bug-hunting methodologies.

- Experience with containerized environments (Docker, Kubernetes) and cloud platforms (AWS, Azure, Google Cloud Platform).

- Ability to integrate findings into SSDLC and DevSecOps pipelines.

Preferred Skills and Qualifications:

- Experience participating in bug bounty programs or coordinated vulnerability disclosure efforts.

- Familiarity with exploit mitigations and bypass techniques (e.g., ASLR, DEP, CFG).

- Knowledge of malware analysis, threat emulation, and post-exploitation tactics.

- Hands-on experience with red teaming or digital forensics in DoD or federal environments.

- Understanding of threat modeling frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain).

- Experience with cloud-native security tools and container orchestration platforms.

- Ability to work in agile R&D environments, contributing to both offensive and defensive cyber innovation.

- Strong presentation skills for briefing technical findings to leadership and mission stakeholders.

#techjobs #clearance #veteransPage

Minimum Requirements

TCS033, T3, Band 6

EEO Statement

Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.

Pay Transparency

Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.

Accommodations
Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at .

Minimum Salary

$ 120,000.00

Maximum Salary

$ 160,000.00