Loading...
ZealotJoin
All positions
[ Surfaces ] Position

Windows DriverExploitation Engineer

Zealot is deploying AI systems at the center of western cyber operations, backed by tier-1 US VCs and industry leaders. Our team includes alumni of Anthropic, xAI, NSA, USCYBERCOM, Anduril, 8200, and the Mossad. Soon live with the U.S. Department of War and close U.S. allies abroad.

APPLIED AIVRWINDOWS
Doc // ZL.SUR.WIND
Rev // 2026.04
Classification // OPEN

§What You'll Do

  • Discover and exploit vulnerabilities in Windows kernel-mode and user-mode drivers.
  • Research attack surfaces across WDDM display drivers, network miniport drivers, filesystem filter drivers, and third-party kernel extensions.
  • Develop exploit primitives for privilege escalation, sandbox escape, and kernel code execution.
  • Build automated tooling for Windows driver analysis, fuzzing, and vulnerability triage.

§Requirements

  • Deep experience with Windows kernel internals: I/O manager, object manager, memory manager.
  • Proven track record of driver vulnerability research (CVEs, ZDI submissions, or offensive work).
  • Strong x86/x64 reverse engineering and exploit development skills.
  • Proficiency with WinDbg, IDA/Ghidra, and driver analysis frameworks.
  • Strong C/C++ skills for kernel-level development and exploitation.

§Nice to Have

  • Experience with Hyper-V and virtualization-based security (VBS) attack surfaces.
  • Familiarity with Windows driver fuzzing (kAFL, what the fuzz, custom harnesses).
  • Experience with BYOVD (Bring Your Own Vulnerable Driver) attack techniques.
  • Knowledge of Windows Defender / EDR kernel-mode components.
  • Experience building with LLMs and AI agents.
  • Published research or conference talks on Windows kernel security.

§You Are

  • Deeply technical and motivated to find the bugs that matter at the kernel level.
  • Clearly interested in stepping away from purely manual research and moving toward the development of AI systems.
  • Building something massive matters more to you than comfort, titles, or predictability.
  • You want to be early at a company that will change an industry, and you're ready to do what that actually takes.
For Recruiters

Note to recruiting firms: Windows driver vulnerability research is the core requirement. Kernel exploitation experience is essential. Familiarity with modern Windows security mitigations is a strong plus.

Ready?

Apply for Windows Driver Exploitation Engineer

Email team@zealotlabs.com with a resume and a paragraph on what you want to build with us.

Apply now

Other positions

All positions →