Lead Security Researcher

Lead Security Researcher

Department: Cyber Services and Capabilities

Employment Type: Full Time

Location: GBR Cheltenham Jessop House

Reporting To: Alexander Plaskett

Description

A Lead Security Researcher within the Exploit Development Group (EDG) is responsible for conducting high impact vulnerability research and exploit development that advances the state of the art in cybersecurity. The role contributes directly to NCC Group's reputation as a global authority in security research by delivering original research with deep technical expertise and representing the organisation externally through publications, presentations, and industry engagement. Through both long term strategic research and short notice tactical support, this role helps protect clients, strengthen NCC Group services and shape the wider security community.

Key Responsibilities

• Conduct vulnerability research and exploit development across a range of platforms, architectures, and technologies.
• Deliver high quality vulnerabilities and reliable exploits as part of strategic research programmes.
• Provide short notice tactical support to consulting, professional, and managed services teams in areas such as reverse engineering and exploit development.
• Advance exploit development techniques and contribute to world leading security research.
• Participate in vulnerability research and exploit development competitions, such as Pwn2Own.
• Publish research findings and support their internal and external promotion through articles, whitepapers, presentations, and conference talks.
• Act as a subject matter expert within NCC Group, mentoring and supporting colleagues who are developing skills in vulnerability research and exploitation.
• Collaborate effectively with multi disciplinary teams to deliver research and client outcomes to the highest possible standard.

Skills, Knowledge and Expertise

• Strong knowledge of vulnerability research and exploitation techniques.
• Experience with major CPU architectures and operating systems or platforms.
• Ability to reverse engineer software written in both unmanaged and managed languages.
• Understanding of common programming languages, vulnerability classes and exploitation methods.
• Knowledge of modern exploitation mitigations and approaches for bypassing them.
• Ability to research and exploit unfamiliar instruction sets, programming languages and platforms.
• Clear written communication skills for documenting and presenting complex technical findings.

Benefits

• Flexible Working: Balance your work and personal life with our flexible working options.
• Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
• Medicash & Critical Illness Scheme
• Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
• Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
• Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
• Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
• Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
• Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.