IRIS C2 LogoIRIS C2

Work
With Us

We do vulnerability research and build offensive cyber tools for the U.S. government. We are hiring across every target platform we cover.

Platform Engineering

McLean, VA — Active TS/SCI with polygraph required.

Cleared Platform Engineer

Build and maintain the IRIS C2 platform itself — the Qt/C++ desktop application, server infrastructure, implant integration pipelines, and operational tooling that ties everything together.

  • Active TS/SCI with polygraph.
  • Strong C++ (Qt6 framework) and Python.
  • Understanding of payload delivery, modular exploit integration, and evasion.
Apply

Vulnerability Research & Exploit Development

Remote — No degree required. We care about what you can do, not where you went to school.

Browser Exploitation

WebKit and Blink rendering engines. JavaScript JIT compilers. Identify memory corruption vulnerabilities, build reliable exploitation primitives, and chain them with sandbox escapes for full browser compromise on desktop and mobile.

  • Deep understanding of modern browser architecture and JIT internals.
  • Proven ability to find and exploit memory corruption vulnerabilities.
  • Experience with fuzzing infrastructure at scale.
Apply

iOS Vulnerability Research

The full iOS attack surface — WebKit, kernel (XNU), userland services, IPC, and the Secure Enclave boundary. Build exploit chains from initial browser or message-based entry through sandbox escape to kernel code execution.

  • Expert reverse engineering of ARM64 and XNU kernel internals.
  • Experience building reliable iOS exploit chains.
  • Familiarity with PAC, PPL, and modern iOS mitigations.
Apply

Android Vulnerability Research

Android browser engines, media codecs, baseband processors, and system services. Build initial access primitives that escalate from application context through sandbox escape to full device control.

  • Strong ARM64 reverse engineering and Android platform internals.
  • Experience with Binder IPC, SELinux policy, and Trustzone boundaries.
  • Media codec or baseband research experience is highly valued.
Apply

Windows Vulnerability Research

Windows kernel, drivers, and userland attack surface. Local privilege escalation, kernel read/write primitives, and kernel code execution. NTFS, win32k, RPC, and COM internals.

  • Deep knowledge of Windows kernel architecture and driver attack surface.
  • Experience developing reliable LPE and KCE exploit chains.
  • Familiarity with modern Windows mitigations (VBS, HVCI, CFG).
Apply

Datacenter & Cloud Infrastructure

Linux kernel, container runtimes, Kubernetes orchestration, GPU compute stacks, and hypervisors. Container escape, host breakout, and lateral movement across cloud-native infrastructure.

  • Linux kernel internals — namespaces, cgroups, eBPF, and syscall interface.
  • Container escape research (Docker, containerd, runc, Kubernetes).
  • GPU driver or hypervisor vulnerability research is a strong plus.
Apply

Network Backbone & Embedded Firmware

OLT/GPON devices, carrier-grade routers, cellular baseband processors, and esoteric embedded firmware. Hardware reverse engineering, JTAG/UART extraction, and implant development for non-standard architectures.

  • Firmware extraction and reverse engineering on MIPS, ARM, or proprietary architectures.
  • Experience with telecommunications equipment (OLT, GPON, carrier routing).
  • Hardware debugging tools (logic analyzers, SOIC clips, JTAG).
Apply