At a Glance
- Tasks: Conduct cutting-edge vulnerability research and develop innovative security tools.
- Company: Join a fast-growing cybersecurity firm dedicated to protecting major enterprises.
- Benefits: Competitive pay, growth opportunities, and access to top-notch tools.
- Other info: Inclusive workplace that values diverse backgrounds and experiences.
- Why this job: Make a real impact in cybersecurity while working with industry experts.
- Qualifications: 5+ years in vulnerability research and software engineering required.
The predicted salary is between 80000 - 100000 £ per year.
We’re looking for a Principal Vulnerability Engineer that understands the full lifecycle from discovery to detection to deployment. You’ll split your time between hands‑on vulnerability research, building production‑quality tooling, and pushing the boundaries of how LLMs can accelerate offensive security workflows. This isn’t a pure vulnerability research role or a pure engineering role – it’s both, and more.
Responsibilities
- Conduct security research across both 0‑days and n‑days, reverse‑engineering patches and performing analysis via patch diffing across both source‑available and binary‑only targets.
- Build and maintain internal tooling for automated vulnerability discovery, exploit validation, and detection signature generation.
- Design and implement production‑grade LLM‑powered workflows that accelerate vulnerability research.
- Focus on high‑impact vulnerabilities that would have a material impact on our clients, such as Remote Code Execution.
- Support speaking at conferences and presenting research to the world.
Qualifications
- 5+ years of real‑world experience in a mix of vulnerability research and software engineering.
- Demonstrated track record of original 0‑day vulnerability discovery with public advisories or CVEs.
- Experience with n‑day research and patch diffing, having a working PoC before the write‑up landed.
- Competence across both web and binary vulnerability classes.
- Production‑grade software engineering experience, with code deployed to production, ideally in Python.
- Proven experience with common security tooling such as Burp Suite, Ghidra/IDA, debuggers, fuzzers, and related ecosystem.
- Hands‑on experience using LLMs to improve research or engineering workflow.
- Exposure to startups or high‑growth scale‑ups, comfortable navigating ambiguity and fast‑changing priorities.
- Ability to thrive under pressure and adapt to shifting priorities.
- Proactive, collaborative, and ownership‑driven mindset.
- Passion for continuous improvement and innovation.
- Quick learner able to apply new concepts effectively.
Benefits
- Competitive compensation.
- Meaningful role in a fast‑growing cybersecurity business that helps protect some of the world’s largest enterprises.
- Access to the best tools and a powerful kit to effectively fulfil your role.
- Endless opportunities for promotion and growth as the company scales.
- Opportunity to work with cyber security experts on cutting‑edge industry‑wide challenges.
Equal Opportunity Employer
watchTowr is proud to be an Equal Opportunity Employer. At watchTowr, we’re dedicated to fostering an inclusive, respectful, and diverse environment where every individual is recognized for their talent and potential. Our hiring decisions are guided by your capabilities, experience, and what you bring to the role – not by unrelated personal attributes. We have a zero‑tolerance approach to any form of discrimination or harassment. This includes – but isn’t limited to – discrimination based on race, ethnicity, religion, colour, nationality, sex, sexual orientation, gender identity or expression, age, disability, pregnancy or parental status, veteran status, or any other characteristic protected by law. We actively encourage people from all backgrounds to apply. Even if you don’t tick every box in the job description, we’d still love to hear from you.
AI Vulnerability Research Engineer in London employer: watchTowr
At watchTowr, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters innovation and collaboration. As a Principal Vulnerability Engineer, you'll enjoy competitive compensation, access to cutting-edge tools, and endless opportunities for professional growth in a fast-paced cybersecurity environment. Join us to make a meaningful impact while working alongside industry experts dedicated to tackling the most pressing security challenges.
StudySmarter Expert Advice🤫
We think this is how you could land AI Vulnerability Research Engineer in London
✨Tip Number 1
Network like a pro! Reach out to folks in the cybersecurity community, especially those who work in vulnerability research. Attend meetups or conferences where you can chat with potential colleagues and learn about opportunities that might not be advertised.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your vulnerability research projects, including any 0-day discoveries or tools you've built. This will give you an edge and demonstrate your hands-on experience to potential employers.
✨Tip Number 3
Don’t just apply – engage! When you find a role that excites you, apply through our website and follow up with a friendly email expressing your enthusiasm. Let them know why you're a great fit for the Principal Vulnerability Engineer position.
✨Tip Number 4
Stay updated on industry trends! Follow blogs, podcasts, and forums related to vulnerability research and offensive security. This will not only keep you informed but also give you talking points during interviews to show your passion and knowledge.
We think you need these skills to ace AI Vulnerability Research Engineer in London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that match the job description. Highlight your vulnerability research and software engineering experience, especially any original 0-day discoveries you've made.
Craft a Compelling Cover Letter:Use your cover letter to tell us why you're passionate about vulnerability research and how your background makes you a great fit for this role. Don’t forget to mention any relevant projects or tools you've worked with!
Showcase Your Projects:If you've built any tools or conducted significant research, include links or descriptions in your application. We love seeing real-world applications of your skills, especially if they relate to LLMs or automated vulnerability discovery.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at watchTowr
✨Know Your Stuff
Make sure you brush up on your knowledge of vulnerability research and software engineering. Be ready to discuss your experience with 0-days, n-days, and the tools you’ve used like Burp Suite or Ghidra. They’ll want to see that you can talk the talk and walk the walk!
✨Showcase Your Projects
Prepare to share specific examples of your past work, especially any original 0-day discoveries or impactful vulnerabilities you've tackled. Having a portfolio or case studies ready can really set you apart and demonstrate your hands-on experience.
✨Get Familiar with LLMs
Since this role involves using LLMs to enhance workflows, make sure you understand how they can be applied in vulnerability research. Be prepared to discuss any projects where you’ve integrated LLMs into your processes and the outcomes of those efforts.
✨Emphasise Adaptability
This position requires navigating ambiguity and shifting priorities, so be ready to share examples of how you’ve thrived under pressure. Highlight your proactive mindset and collaborative spirit, as these traits are key to succeeding in a fast-paced environment.
