Principal Vulnerability Researcher (Cybersecurity)

TL;DR

Principal Vulnerability Researcher (Cybersecurity): Technical lead for global vulnerability detection capabilities with an accent on reverse engineering patches and analyzing network protocols. Focus on designing internet-scale detection logic, integrating AI/ML for automation, and ensuring legal compliance of scanning telemetry.

Location: Lisbon, Portugal or United States

Salary: $180,000 – $205,000 (for US-based employees)

Company

hirify.global is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties.

What you will do

• Lead end-to-end research of high-impact CVEs and reverse engineer patches to identify unique fingerprints.
• Architect and implement high-fidelity detection logic that operates efficiently at internet scale.
• Integrate Machine Learning and Large Language Models (LLMs) to accelerate vulnerability discovery and patch analysis.
• Oversee the deployment of distributed scanning agents using AWS and Google Cloud services.
• Provide high-level technical mentorship to Senior and Staff engineers to foster research excellence.
• Act as a subject matter expert for senior leadership, translating technical risks into strategic business insights.

Requirements

• 10+ years of experience in vulnerability research, exploit development, and network-based detection.
• Expert-level experience architecting and deploying security tools within AWS and/or Google Cloud.
• Mastery of Python, SQL, and CI/CD best practices.
• Expert-level skills in static/dynamic analysis, patch diffing (BinDiff), and disassembly tools (IDA Pro, Ghidra, Binary Ninja).
• Ability to solve ambiguous, "Internet-scale" problems where traditional tools fail.
• Exceptional communication skills with the ability to influence technical direction across the organization.

Nice to have

• Master’s degree in Computer Science or a related field.
• Demonstrated experience applying AI/ML techniques to automate security workflows.
• Track record of public contributions, such as CVE discoveries or presentations at Black Hat and DEF CON.

Culture & Benefits

• Comprehensive benefits package including medical, dental, and vision insurance.
• Paid parental leave and flexible time off.
• 401(k) plan with employee and company contribution opportunities.
• Tuition reimbursement and life/disability insurance.
• Inclusive, people-first culture committed to equal opportunity and professional growth.