Cleared Principal Security Reverse Engineer

If you're looking for the impact, this is the role for you. An early stage, founder-led boutique cybersecurity firm focused on CNO development and offensive cyber is looking for a Principal Reverse Engineer / Vulnerability Researcher. You will not be 1 of a 500-person program; you will work directly with the co-founders, shape tooling and tradecraft, and see the real-world impact of what you build on mission.

This role is RE-heavy, Windows-heavy, and hands-on. You will be the person digging into opaque binaries, identifying strange behaviors, proving out exploitability, and helping shape offensive capabilities. What You Will Do

• Perform in-depth reverse engineering of Windows binaries, services, and protocols to identify unusual behaviors, weaknesses, and potential exploitation paths.
• Develop proof-of-concept (PoC) exploits and technical demonstrations that validate findings and inform offensive capabilities.
• Contribute to CNO tooling and tradecraft, from small bespoke utilities to more productized capabilities, depending on your interests.
• Analyze telemetry and system behavior to surface anomalies and opportunities for collection, persistence, and access.
• Work closely with Gauntlet's founders and the prime contractor team to align technical work with mission objectives.

Tech Environment

• Platforms: Heavy emphasis on Windows (userland and kernel-space exposure both useful).
• Core Tools: IDA Pro, Ghidra, or similar reverse engineering suites (they are tool-agnostic as long as you are effective).
• Languages (as useful): C/C++, Python, assembly, and scripting for automation and PoCs.
• Domain: CNO development, offensive cyber, vulnerability discovery and validation, and operational tooling.

What We Are Looking For
Must-Haves

• 5-10+ years of hands-on experience in reverse engineering, exploit development, vulnerability research, or related low-level security work.
• Active Top Secret clearance (ability to work in SCIF environments as required).
• Deep experience with Windows internals and reverse engineering Windows binaries, applications, or drivers.
• Strong fluency in IDA Pro, Ghidra, or similar reverse engineering suites.
• Demonstrated ability to go from "this looks weird" to root cause analysis to PoC.
• Comfort working fully onsite in Herndon, VA or Ballston, VA.
• Ability to operate autonomously, own problems end-to-end, and communicate clearly with a small, senior team.

Nice-to-Haves

• Direct experience with CNO development and offensive cyber operations.
• Prior work on DoD/IC or large prime contracts (Lockheed, Northrop, Raytheon, etc.).
• Experience in kernel-mode reverse engineering, driver analysis, or deep Windows internals.
• Background mentoring other engineers or acting as a technical lead or principal on RE/VR efforts.
• Exposure to Linux, embedded, or alternative architectures (ARM, MIPS, etc.) is a plus but not required; the current work is predominantly Windows.

Location and Work Environment

• Worksite, in either:
• Herndon, VA

OR

• Ballston, VA

• Onsite Only: This role cannot be performed remotely.
• Some SCIF work is required. Compensation and Benefits
  • Base Salary: Target $200,000 - $300,000 (flexible based on experience).
  • 401(k): 6% match.
  • Insurance: Comprehensive health insurance coverage.
  • Perks:
  • Cell phone and home internet fully covered.
  • Training budget for courses, conferences, and tools that keep you sharp.
• Time Off:
• 4 weeks PTO.
• 11 federal holidays.
  
  #LI-VG1