Android Vulnerability Researcher Job Annapolis area,Maryland USA,IT/Tech

Your growth matters to us - explore our career development opportunities.

BE EMPOWERED TO SUCCEED

Connect with others in our people-first culture and enhance our collective ingenuity.

SUPPORT YOUR WELLBEING

Learn how we’ll support you as you pursue a balanced, fulfilling life.

YOUR CANDIDATE JOURNEY

Discover what to expect during your journey as a candidate with us.

Deliver production‑grade offensive capabilities that directly enable strategic intelligence collection and cyber effects missions. Discover and operationalize previously unknown vulnerabilities across the Android ecosystem, conducting advanced research on AOSP, OEM implementations, and trusted execution environments. Develop reliable exploits targeting user applications, system components, kernel, Trust Zone, and baseband subsystems while engineering persistent CNO implants and infrastructure. Hold responsibilities for large‑scale reverse engineering of closed‑source binaries, bypassing modern mitigation.

Author comprehensive technical documentation, contributing to capability roadmaps and emerging tradecraft, and leveraging AI and LLM‑powered tooling to accelerate vulnerability discovery and exploit development.

Basic Qualifications:

3+ years of experience with conducting vulnerability research, reverse engineering, or exploit development

Experience with C, C++, Python, Java or Kotlin, and Android NDK and SDK

Experience using IDA Pro, Ghidra, Binary Ninja, gdb, LLDB, Jadx, or Frida

Experience in successfully discovering and exploiting vulnerabilities

Experience defeating kernel hardening, sandboxing, and attestation mechanisms

Experience with Git Lab CI/CD for implant build pipelines

Knowledge of ARM
64 architecture and AArch
64 assembly

Ability to achieve code execution in ring‑0 and Trust Zone contexts

TS/SCI clearance with a polygraph

HS diploma or GED

Additional Qualifications:

Experience with publishing research or tools in the offensive security community

Experience providing operational support to IC or DoD cyber mission forces

Experience contributing to mobile exploit frameworks or public Common Vulnerabilities and Exposures (CVE) discoveries

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well‑being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work‑life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full‑time and part‑time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs.

Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract‑specific affordability and organizational requirements. The projected compensation range for this position is $86,900.00 to $ (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees.

This posting will close within 90 days from the Posting Date.

Android Vulnerability Researcher

Key Role:


Increase/decrease your Search Radius (miles)



Job Posting Language