Loading...
All positions
[ Surfaces ] Position

Windows DriverExploitation Engineer

Zealot is deploying AI systems at the center of western cyber operations, backed by tier-1 US VCs and industry leaders. Our team includes alumni of Anthropic, xAI, and Anduril. Soon live with close U.S. allies abroad.

APPLIED AIVRWINDOWS
Doc // ZL.SUR.WIND
Rev // 2026.04
Classification // OPEN

§What You'll Do

  • Discover and exploit vulnerabilities in Windows kernel-mode and user-mode drivers.
  • Research attack surfaces across WDDM display drivers, network miniport drivers, filesystem filter drivers, and third-party kernel extensions.
  • Develop exploit primitives for privilege escalation, sandbox escape, and kernel code execution.
  • Build automated tooling for Windows driver analysis, fuzzing, and vulnerability triage.

§Requirements

  • Deep experience with Windows kernel internals: I/O manager, object manager, memory manager.
  • Proven track record of driver vulnerability research (CVEs, ZDI submissions, or offensive work).
  • Strong x86/x64 reverse engineering and exploit development skills.
  • Proficiency with WinDbg, IDA/Ghidra, and driver analysis frameworks.
  • Strong C/C++ skills for kernel-level development and exploitation.

§Nice to Have

  • Experience with Hyper-V and virtualization-based security (VBS) attack surfaces.
  • Familiarity with Windows driver fuzzing (kAFL, what the fuzz, custom harnesses).
  • Experience with BYOVD (Bring Your Own Vulnerable Driver) attack techniques.
  • Knowledge of Windows Defender / EDR kernel-mode components.
  • Experience building with LLMs and AI agents.
  • Published research or conference talks on Windows kernel security.

§You Are

  • Deeply technical and motivated to find the bugs that matter at the kernel level.
  • Clearly interested in stepping away from purely manual research and moving toward the development of AI systems.
  • Building something massive matters more to you than comfort, titles, or predictability.
  • You want to be early at a company that will change an industry, and you're ready to do what that actually takes.
For Recruiters

Note to recruiting firms: Windows driver vulnerability research is the core requirement. Kernel exploitation experience is essential. Familiarity with modern Windows security mitigations is a strong plus.

Ready?

Apply for Windows Driver Exploitation Engineer

Email team@zealotlabs.com with a resume and a paragraph on what you want to build with us.

Apply now