Research & Development Specialist

Innovate. Build. Analyze. Advance the Mission.

Blackthorn Tactical’s Research & Development Division is responsible for pushing the boundaries of security innovation. Our R&D Specialists design, test, and evaluate tools, methodologies, and technologies that support adversarial simulation, defensive engineering, cyber-physical security, intelligence analysis, and operational support.

This role is for those who think beyond the current state of security — the builders, the experimenters, the analysts, the ones who ask “What if?” and then prototype the answer.

If you thrive in environments where creativity meets operational necessity, and where your work directly influences real-world capabilities, this position is for you.

Role Overview

The Research & Development Specialist is responsible for:

  • Developing tools and technologies that support Red Team, Blue Team, and intelligence operations.

  • Conducting technical research on emerging threats, vulnerabilities, and exploitation methods.

  • Engineering solutions that enhance cyber, physical, and human-layer security operations.

  • Evaluating new hardware, software, and tradecraft relevant to adversarial simulation.

  • Supporting operational teams with prototypes, intelligence briefs, and custom-built capabilities.

This is a hybrid role blending engineering, security analysis, creative problem-solving, and future-focused thinking.

Key Responsibilities

1. Research & Analysis

  • Conduct deep-dive research on cyber threats, malware behavior, adversary tactics, and new exploitation methods.

  • Monitor developments in offensive security, defensive tooling, and emerging technologies.

  • Analyze vulnerabilities across systems, networks, hardware, and human processes.

  • Produce intelligence-style briefs summarizing findings for leadership and operational teams.

  • Track MITRE ATT&CK techniques, APT tactics, and industry security trends.

2. Tool & Technology Development

  • Design and build custom tools for adversarial simulation and red team operations.

  • Develop software prototypes (scripts, utilities, automation frameworks) to support field teams.

  • Engineer physical and cyber-physical devices for testing access control, RF systems, and sensor evasion.

  • Build or modify hardware platforms such as:

    • RFID/NFC exploitation devices

    • Physical intrusion tools

    • SDR and RF analysis systems

    • Portable logging/telemetry collection tools

  • Prototype detection-evasion or defensive testing mechanisms.

3. Technical Testing & Validation

  • Evaluate new and emerging security products for effectiveness, detectability, and limitations.

  • Test defensive systems (EDR, SIEM, IDS/IPS, access control systems) against real adversarial behaviors.

  • Benchmark tools and technologies used by operational teams to determine improvements or replacements.

  • Conduct lab-based scenario testing, simulations, and hardware stress-testing.

4. Documentation & Reporting

  • Create detailed technical documentation, diagrams, and operational usage guides.

  • Develop SOPs, testing procedures, and version-controlled documentation for tools and workflows.

  • Produce high-quality reports explaining research outcomes in both technical and executive-friendly formats.

5. Operational Support

  • Provide R&D-backed technical solutions to support Red Team/Blue Team operations.

  • Assist with custom toolkits, payloads, defensive detection packages, hardware modifications, or tradecraft.

  • Troubleshoot equipment and systems for operational use.

  • Work directly with operators to refine tools based on field feedback.

6. Innovation & Future Development

  • Identify emerging technologies with potential security impact (AI, drone systems, biometrics, IoT, access control tech, advanced authentication).

  • Propose new R&D initiatives to enhance organizational capability.

  • Explore unconventional problem-solving approaches — everything from environmental tools to engineered devices.

  • Maintain cutting-edge awareness of global technology trends.

Required Skills & Qualifications

Technical Skills (Cyber & Software)

  • Strong proficiency in scripting and programming (Python, PowerShell, Bash, C#, Go preferred).

  • Understanding of operating systems (Windows/Linux/macOS) and low-level internals.

  • Familiarity with hardware hacking, embedded systems, microcontrollers (Arduino, ESP32, Raspberry Pi).

  • Experience with networking fundamentals, protocols, and packet analysis (Wireshark, Scapy).

  • Knowledge of MITRE ATT&CK, threat actor behavior, and offensive/defensive tooling.

  • Ability to research and interpret vulnerability data (CVE, CWE, NVD).

Hardware & Physical Security Skills (Preferred)

  • Experience with RF communications, SDR (HackRF, Flipper, Proxmark).

  • Familiarity with access control systems, sensors, surveillance tech, alarms, and intrusion devices.

  • Understanding of lock mechanics, bypass tools, and physical testing equipment.

  • Ability to build or modify devices for operational scenarios.

Analytical & Research Skills

  • Ability to analyze complex problems and develop actionable solutions.

  • Strong documentation, diagramming, and structured reporting skills.

  • Capability to rapidly digest large amounts of technical information.

Professional Requirements

  • Strong ethical foundation and adherence to legal boundaries.

  • High attention to detail and operational discretion.

  • Ability to work independently and within cross-functional teams.

  • Strong communication skills — written and verbal.

  • Ability to prioritize multiple research tracks simultaneously.

Preferred Certifications

(Not mandatory — but highly valued within Blackthorn Tactical’s operational environment.)

Cybersecurity & Research-Oriented Certifications

  • OSCP (Offensive Security Certified Professional)

  • OSCE / OSEP / OSEE

  • OSWP (Wireless Professional)

  • GXPN (GIAC Exploit Researcher & Advanced Penetration Tester)

  • GREM (GIAC Reverse Engineering Malware)

  • GPEN (GIAC Penetration Tester)

  • GCIH (GIAC Incident Handler)

  • PNPT (Practical Network Penetration Tester)

  • eCPPT / eCRE / eWPT

  • CompTIA CySA+ / PenTest+

  • Certified Red Team Professional (CRTP)

  • Certified Red Team Expert (CRTE)

Hardware / RF / Physical

  • Practical Wireless Attacks

  • SDR-related certifications

  • Hardware security or embedded systems courses

  • Lockpicking & physical bypass training (legal & professional use only)

Tools & Technologies You May Work With

  • Python, Bash, PowerShell, C#, Go

  • SIEM/EDR platforms (various vendors)

  • SDR systems (HackRF, LimeSDR, RTL-SDR)

  • RFID/NFC tools (Proxmark3, Chameleon Ultra)

  • Microcontrollers (Arduino, ESP32, ESP8266, Pi Zero)

  • Automation frameworks

  • Disassemblers/debuggers (Ghidra, IDA Free, x64dbg)

  • Scripting & automation platforms

  • Embedded hardware toolkits

  • Cloud platforms: AWS/Azure/Google (nice to have)

What Success Looks Like

A successful R&D Specialist at Blackthorn Tactical:

  • Creates tools that enhance real-world operations

  • Identifies vulnerabilities and opportunities before adversaries do

  • Accelerates our capability development pipeline

  • Produces research that guides operational decision-making

  • Builds technology that provides measurable advantage

  • Thinks creatively under pressure

  • Contributes to a culture of innovation and excellence

Work Environment

  • Fast-paced, innovation-driven atmosphere

  • Access to labs, testing equipment, and prototyping tools

  • Collaborative with Red Team, Blue Team, and Intelligence divisions

  • High level of autonomy and creative freedom

  • Focus on mission impact, not corporate bureaucracy

Submit Resume