Vulnerability Researcher (UKTL)

Vulnerability Researcher (UKTL)

CAPTION: Job details

• Posting date: 16 June 2026


• Hours: Full time


• Closing date: 16 July 2026


• Location: Solihull, West Midlands


• Remote working: Hybrid - work remotely up to 3 days per week


• Company: National Physical Laboratory


• Job type: Permanent


• Job reference: (ID:1554)

Summary

What You'll Be Doing

Step into the front line of telecom security Research. In this role, you won't just follow instructions-you'll explore the unknown, uncover hidden vulnerabilities, and help shape the future of secure telecommunications.

• Find new vulnerabilities Together - Take a deep dive into our carrier-grade telecom systems, exploring how complex technologies really work in practice. You'll discover vulnerabilities in a thoughtful, research-led way, with the time and support to carry out meaningful work that contributes to stronger, more secure systems.


• Innovate - you'll work within broad problem spaces with the autonomy to follow your curiosity and pursue the most exciting discoveries. Design, prototype, and experiment with your own tools-whether that's advanced fuzzers, custom software radio solutions, or something entirely new. No two days are the same at UKTL.


• Learn Relentlessly - Develop a deep understanding of telecom systems by exploring how they behave, where they can fail, and how they can be improved. Each project is an opportunity to grow your expertise, supported by a team with a wide range of experience. You'll learn from colleagues, share knowledge, and collaborate with trusted partners to drive long-term improvements in telecom security.


• Work, Build & Experiment in a World Class Lab - you're trusted to explore freely: to take systems apart, understand them deeply, and build them back better. You'll have the freedom to push boundaries, learn through experimentation, and make a genuine impact-breaking things to improve them, not just to test them.


• Alongside this, you'll design, build, and evolve the infrastructure that supports your research, creating bespoke environments that enable meaningful, hands-on technical discovery at scale.

If you're driven by curiosity, thrive on solving complex problems, and want to make a real impact in telecom security-this is where you belong.

Successful Applicants must be able to commute to the UKTL offices in Birmingham at least twice a week

We strive to offer a great work life balance - if you are looking for full time, part time or flexible options, we will try to make this work where business possible. This will be dependent on the kind of role you do and part of the business you work in.

About You

You're curious, driven, and passionate about uncovering how things work-and how they break. You thrive in complex technical environments and enjoy pushing boundaries to discover vulnerabilities others overlook.

• You comprehend what protocols are doing beneath the surface and can break down how systems communicate.


• You apply structured research methodologies to explore novel technologies and uncover hidden risks.


• You bring applied knowledge of cryptographic algorithms-encryption, authentication, signatures-and know how they can be misused.


• You're comfortable with data structures, distributed systems, and modern infrastructure like virtualisation and containerisation.


• You understand network protocols and how software works-from low-level assembly to high-level interpreted languages.


• You're familiar with memory corruption bugs and know how attackers bypass protections like ASLR, stack canaries, and heap guards.


• You know your way around Linux internals and can pick up any programming language when given the right resources.


• You've used ethical exploitation tools and techniques across both low-level software and web platforms.


• You've got reverse engineering experience and are confident using tools like IDA Pro, Ghidra, or even just source code analysis.

Please note: Applications will be reviewed, and interviews conducted throughout the duration of this advert therefore we may at any time bring the closing date forward. We encourage all interested applicants to apply as soon as practical.

We actively recruit citizens of all backgrounds, but the nature of our work in this specific area means that nationality, residency and security requirements are more tightly defined than others. To work in this role, you will need to have a DV clearance with no restrictions, or you must have the ability to obtain a DV clearance.

Proud member of the Disability Confident employer scheme

Disability Confident

About Disability Confident

A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to .

#s1-Gen

You're curious, driven, and passionate about uncovering how things work-and how they break. You thrive in complex technical environments and enjoy pushing boundaries to discover vulnerabilities others overlook.

You comprehend what protocols are doing beneath the surface and can break down how systems communicate.
You apply structured research methodologies to explore novel technologies and uncover hidden risks.
You bring applied knowledge of cryptographic algorithms-encryption, authentication, signatures-and know how they can be misused.
You're comfortable with data structures, distributed systems, and modern infrastructure like virtualisation and containerisation.
You understand network protocols and how software works-from low-level assembly to high-level interpreted languages.
You're familiar with memory corruption bugs and know how attackers bypass protections like ASLR, stack canaries, and heap guards.
You know your way around Linux internals and can pick up any programming language when given the right resources.
You've used ethical exploitation tools and techniques across both low-level software and web platforms.
You've got reverse engineering experience and are confident using tools like IDA Pro, Ghidra, or even just source code analysis.
Please note: Applications will be reviewed, and interviews conducted throughout the duration of this advert therefore we may at any time bring the closing date forward. We encourage all interested applicants to apply as soon as practical.

We actively recruit citizens of all backgrounds, but the nature of our work in this specific area means that nationality, residency and security requirements are more tightly defined than others. To work in this role, you will need to have a DV clearance with no restrictions, or you must have the ability to obtain a DV clearance.

Proud member of the Disability Confident employer scheme
Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to .

Step into the front line of telecom security Research. In this role, you won't just follow instructions-you'll explore the unknown, uncover hidden vulnerabilities, and help shape the future of secure telecommunications.
Find new vulnerabilities Together - Take a deep dive into our carrier-grade telecom systems, exploring how complex technologies really work in practice. You'll discover vulnerabilities in a thoughtful, research-led way, with the time and support to carry out meaningful work that contributes to stronger, more secure systems.
Innovate - you'll work within broad problem spaces with the autonomy to follow your curiosity and pursue the most exciting discoveries. Design, prototype, and experiment with your own tools-whether that's advanced fuzzers, custom software radio solutions, or something entirely new. No two days are the same at UKTL.
Learn Relentlessly - Develop a deep understanding of telecom systems by exploring how they behave, where they can fail, and how they can be improved. Each project is an opportunity to grow your expertise, supported by a team with a wide range of experience. You'll learn from colleagues, share knowledge, and collaborate with trusted partners to drive long-term improvements in telecom security.
Work, Build & Experiment in a World Class Lab - you're trusted to explore freely: to take systems apart, understand them deeply, and build them back better. You'll have the freedom to push boundaries, learn through experimentation, and make a genuine impact-breaking things to improve them, not just to test them.
Alongside this, you'll design, build, and evolve the infrastructure that supports your research, creating bespoke environments that enable meaningful, hands-on technical discovery at scale.
If you're driven by curiosity, thrive on solving complex problems, and want to make a real impact in telecom security-this is where you belong.

Successful Applicants must be able to commute to the UKTL offices in Birmingham at least twice a week

We strive to offer a great work life balance - if you are looking for full time, part time or flexible options, we will try to make this work where business possible. This will be dependent on the kind of role you do and part of the business you work in.