Vulnerability Researcher

Salário mediano: $145,000 USD · BLS 2024Aproximadamente R$725,000 ao câmbio atual, antes de IR e INSS. Seu banco aplicará o câmbio real em qualquer transação internacional.

A vulnerability researcher discovers, weaponizes, and discloses software flaws that nobody knew existed. You spend hours fuzzing, reverse-engineering, or auditing source until something gives, and then you build a reliable proof of concept. The output is a CVE, a HackerOne or Bugcrowd payout, a conference talk, or, in the case of researchers working under government contract, a capability that never gets disclosed publicly. Trail of Bits, GRIMM, NCC Group, Project Zero (Google), Microsoft Vulnerability Research, and ZDI (Zero Day Initiative) are the most visible employers, and the bug-bounty top decile (per HackerOne's 2024 Hacker-Powered Security Report) earns more from program payouts than from any single salary. The discipline blends low-level systems knowledge (memory corruption, kernel internals) with the patience to read through a target until it talks back.