Associate Vulnerability Researcher

Overview

What You’ll Be Doing:
As an Associate Vulnerability Researcher in Telecommunications, you’ll be dedicated to deepening your knowledge and sharpening your skills in securing telecom systems. You’ll be joining a team that’s not only excellent at what they do but also committed to supporting your growth and helping you build on your background in the cybersecurity and vulnerability research communities.

Successful Applicants must be able to commute to the UKTL offices in Birmingham at least twice a week.

We actively recruit citizens of all backgrounds, but the nature of our work in this specific area means that nationality, residency and security requirements are more tightly defined than others. To work in this role, you will need to have a DV clearance with no restrictions, or you must have the ability to obtain a DV clearance.

• Learn Continuously - You won’t need to come in with all the skills—this is a space where you’ll build them. You’ll start by exploring systems to understand how and why they fail, learning the fundamentals of security along the way. Each project will be a chance to grow your expertise and apply newly acquired skills to drive meaningful, long-term improvements in security.
• Exploring the World of Telecom System - You’ll have the time and autonomy to investigate carrier-grade telecom infrastructure, working towards discovering vulnerabilities that others might overlook. Your work will be thorough, precise, and impactful.
• Work Within Flexible Frameworks - Instead of rigid task lists, you’ll operate within broad themes and scopes. This flexibility allows you to shift focus as new insights emerge and opportunities arise, encouraging innovation and adaptability.
• Prototype Your Own Tools - You’ll have time to work with and adapt and experiment with custom tooling—such as novel fuzzers or software radio interfaces—often using obscure frameworks and languages to push the boundaries of what’s possible in telecom security.

As a trusted and independent national capability, UKTL interacts with standards bodies, Academia, and Government Departments as well as Communications Service Providers and equipment vendors.

• You're someone who thrives on uncovering the unknown and enjoys the challenge of exploring systems for novel vulnerabilities. You demonstrate a strong aptitude and passion for security research.
• You have a solid understanding of how software and networks operate — from low-level assembly to high-level interpreted languages — and can navigate the intricacies of network protocols with confidence. You have knowledge of Linux OS internals and cryptography and can quickly learn new programming languages when given the right resources.
• You're familiar with common vulnerability types such as memory corruption bugs (e.g., stack/heap/integer overflows, format strings), and you’re curious about the techniques attackers use to bypass modern security protections like NX, stack canaries, heap protection, and ASLR.
• Experience with embedded systems, operating systems, or hardware-level debugging and prototyping is a strong asset, and you’re comfortable working close to the metal when needed.
• Note:
  
  Applications will be reviewed, and interviews conducted throughout the duration of this advert; therefore we may bring the closing date forward. We encourage all interested applicants to apply as soon as practical.

We strive to offer a great work life balance. If you are looking for full time, part time or flexible options, we will try to make this work where business allows. This will be dependent on the kind of role you do and part of the business you work in.