At a Glance
- Tasks: Conduct cutting-edge vulnerability research and develop innovative security tools.
- Company: Join a fast-growing cybersecurity firm dedicated to protecting major enterprises.
- Benefits: Competitive pay, growth opportunities, and access to top-notch tools.
- Other info: Inclusive workplace that values diverse backgrounds and experiences.
- Why this job: Make a real impact in cybersecurity while working with industry experts.
- Qualifications: 5+ years in vulnerability research and software engineering, with a passion for innovation.
The predicted salary is between 70000 - 90000 £ per year.
We’re looking for a Principal Vulnerability Engineer that understands the full lifecycle from discovery to detection to deployment. You’ll split your time between hands‑on vulnerability research, building production‑quality tooling, and pushing the boundaries of how LLMs can accelerate offensive security workflows. This isn’t a pure vulnerability research role or a pure engineering role – it’s both, and more.
Responsibilities
- Conduct security research across both 0‑days and n‑days, reverse‑engineering patches and performing analysis via patch diffing across both source‑available and binary‑only targets.
- Build and maintain internal tooling for automated vulnerability discovery, exploit validation, and detection signature generation.
- Design and implement production‑grade LLM‑powered workflows that accelerate vulnerability research.
- Focus on high‑impact vulnerabilities that would have a material impact on our clients, such as Remote Code Execution.
- Support speaking at conferences and presenting research to the world.
Qualifications
- 5+ years of real‑world experience in a mix of vulnerability research and software engineering.
- Demonstrated track record of original 0‑day vulnerability discovery with public advisories or CVEs.
- Experience with n‑day research and patch diffing, having a working PoC before the write‑up landed.
- Competence across both web and binary vulnerability classes.
- Production‑grade software engineering experience, with code deployed to production, ideally in Python.
- Proven experience with common security tooling such as Burp Suite, Ghidra/IDA, debuggers, fuzzers, and related ecosystem.
- Hands‑on experience using LLMs to improve research or engineering workflow.
- Exposure to startups or high‑growth scale‑ups, comfortable navigating ambiguity and fast‑changing priorities.
- Ability to thrive under pressure and adapt to shifting priorities.
- Proactive, collaborative, and ownership‑driven mindset.
- Passion for continuous improvement and innovation.
- Quick learner able to apply new concepts effectively.
Benefits
- Competitive compensation.
- Meaningful role in a fast‑growing cybersecurity business that helps protect some of the world’s largest enterprises.
- Access to the best tools and a powerful kit to effectively fulfil your role.
- Endless opportunities for promotion and growth as the company scales.
- Opportunity to work with cyber security experts on cutting‑edge industry‑wide challenges.
Equal Opportunity Employer
watchTowr is proud to be an Equal Opportunity Employer. At watchTowr, we’re dedicated to fostering an inclusive, respectful, and diverse environment where every individual is recognized for their talent and potential. Our hiring decisions are guided by your capabilities, experience, and what you bring to the role – not by unrelated personal attributes. We have a zero‑tolerance approach to any form of discrimination or harassment. This includes – but isn’t limited to – discrimination based on race, ethnicity, religion, colour, nationality, sex, sexual orientation, gender identity or expression, age, disability, pregnancy or parental status, veteran status, or any other characteristic protected by law. We actively encourage people from all backgrounds to apply. Even if you don’t tick every box in the job description, we’d still love to hear from you.
AI Vulnerability Research Engineer employer: watchTowr
At watchTowr, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters innovation and collaboration. As a Principal Vulnerability Engineer, you will play a pivotal role in a fast-growing cybersecurity firm, with access to cutting-edge tools and endless opportunities for professional growth. Join us in making a meaningful impact while working alongside industry experts in a supportive and inclusive environment.
StudySmarter Expert Advice🤫
We think this is how you could land AI Vulnerability Research Engineer
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your vulnerability research projects or any tools you've built. This is your chance to demonstrate what you can do beyond just a CV.
✨Tip Number 3
Prepare for interviews by brushing up on common vulnerability scenarios and be ready to discuss your past experiences. Practice explaining complex concepts in simple terms – it shows you really understand your stuff!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love hearing from passionate candidates who are eager to join our mission.
We think you need these skills to ace AI Vulnerability Research Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that match the job description. Highlight your vulnerability research and software engineering experience, especially any original 0-day discoveries you've made.
Craft a Compelling Cover Letter:Use your cover letter to tell us why you're passionate about this role. Share specific examples of your work with LLMs or any high-impact vulnerabilities you've tackled, and how they relate to our mission at StudySmarter.
Showcase Your Projects:If you’ve built any tools or conducted significant research, don’t hesitate to include links or descriptions in your application. We love seeing practical examples of your work and how you push the boundaries in cybersecurity.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows us you’re keen on joining the StudySmarter team!
How to prepare for a job interview at watchTowr
✨Know Your Stuff
Make sure you brush up on your knowledge of vulnerability research and software engineering. Familiarise yourself with the latest trends in 0-day and n-day vulnerabilities, as well as tools like Burp Suite and Ghidra. Being able to discuss your past experiences and how they relate to the role will show that you're not just a good fit, but also genuinely interested.
✨Showcase Your Projects
Prepare to talk about specific projects where you've successfully discovered vulnerabilities or built tooling. Highlight any original 0-day discoveries and be ready to discuss the impact of your work. This is your chance to demonstrate your hands-on experience and how it aligns with the responsibilities of the role.
✨Demonstrate Your Problem-Solving Skills
Expect to face some technical questions or scenarios during the interview. Be prepared to think on your feet and showcase your problem-solving abilities. Discuss how you've navigated ambiguity in previous roles and how you adapt to changing priorities, as this is crucial for success in a fast-paced environment.
✨Be Passionate and Proactive
Let your enthusiasm for cybersecurity shine through! Talk about your passion for continuous improvement and innovation in the field. Share any experiences where you've taken initiative or led projects, as this will resonate well with the company's values and culture.
