דרושים » אבטחת מידע וסייבר » Security Researcher

We are pushing the boundaries of security analysis of both binaries and code, shifting left and bringing new and exciting features to both developers and DevOps.
We are looking for an experienced malware researcher to lead our malware research team. As a Malware Research Team Lead, you will lead research on source code, compiled code, and various software supply chain attacks. The position requires proven experience in researching malicious code, understanding supply chain attack techniques, and experience in developing malware monitoring and analysis automation.
As a Malware Research Team Lead you will...
Lead a team of experienced malware researchers to discover malicious code in open source & new supply chain attack techniques
Research malicious code in public repositories from various coding languages and technologies
Define and implement ways to automatically detect malicious code in open-source software
Write technical reports and outward-facing publications regarding all research subjects mentioned above
Present your teams research in local and international security conventions.

Ask a member of our team and theyll answer, Our people! We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When youre part of our team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Cloud Security was established through the acquisition of Ermetic, an innovative cloud-native application protection platform (CNAPP) company, and a leading provider of CIEM. This acquisition is a significant step in mission to shift organizations towards proactive security, offering market-leading contextual risk visibility, prioritization, and remediation across both on-premises and cloud infrastructures.
Your Opportunity:
Cloud Security is seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.
Furthermore, you will be in charge of fostering and spreading Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.
If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.
Your Role:
Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws
Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences
Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs
Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services

The CSO Security team is looking for a Senior Application Security Researcher.
In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring our products adhere to the stringent security requirements of our thousands of customers.
As a Senior Application Security Researcher you will
Continuously assess and challenge our overall security posture to ensure optimal and up-to-date platform security in our products and systems
Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
Evaluate new technologies and standards in the application security domain
Plan and lead cross-company efforts with the R&D that will improve our security posture.

We are seeking a highly skilled and motivated Senior Security Researcher to join our dynamic team.
As a Senior Security Researcher, you will play a pivotal role in simulating real-world attack scenarios, identifying vulnerabilities, and contributing to the development of innovative security solutions. You will work alongside some of the best security experts in the industry, driving research initiatives and enhancing your knowledge of emerging threats and attack techniques.
Key Responsibilities:
Conduct in-depth research and analysis of n-day vulnerabilities to assess risk and potential impact.
Investigate attack vectors across various operating systems and cloud environments (IaaS/SaaS).
Define and document mitigation strategies for discovered attack techniques, collaborating with development teams for implementation.
Drive the integration of research findings into product features, ensuring enhanced security capabilities.
Stay abreast of the latest security trends, technologies, and best practices to maintain expertise in the field.
Collaborate with cross-functional teams to communicate and implement identified attacks, techniques, and solutions.
Contribute to public security research through blog posts and potentially present findings at industry conferences.

We are seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.

Furthermore, you will be in charge of fostering and spreading Tenable Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.

If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.

Your Role:

Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences.

Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs.

Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services.

We are looking for a Cyber Security Researcher to drive innovation in security defenses for on-premises and cloud environments. Your primary focus will be twofold:
1. Researching and developing novel defensive mechanisms to detect and mitigate advanced threats.
2. Contributing to open-source security tools by developing new solutions and enhancing existing ones.If you have a passion for security research, a strong technical foundation, and a drive to make meaningful contributions to the cybersecurity community, wed love to hear from you.
Responsibilities:
Research and prototype novel security defense techniques for on-prem and cloud-based systems
Analyze modern attack techniques and develop countermeasures to mitigate them.
Design, develop, and improve open-source security tools to help defenders detect and respond to threats.
Reverse engineer malware, attack tools, and security mechanisms to identify vulnerabilities and improvements.
Investigate Windows internals and authentication protocols (NTLM, Kerberos, SAML, OAuth) to enhance security defenses.Write secure, efficient, and maintainable C/C++ code for research and tooling purposes.
Collaborate with the security research community and contribute to blogs, whitepapers, and conference talks.
Stay ahead of the evolving threat landscape and propose innovative security solutions.

As a Security Researcher, you will be responsible for conduct in-depth research and analysis of new threats and vulnerabilities in the blockchain space and develop tools and systems to detect and mitigate security risks in real-time. Youll work closely with our engineering and product teams to develop security strategies, detect and mitigate exploits, and enhance our on-chain security platform. While prior Web3 experience is an advantage, we welcome applicants with a solid security research background looking to break into blockchain security.

Key Responsibilities:
Conduct in-depth security research on blockchain protocols, smart contracts, and decentralized applications.
Identify and analyze security vulnerabilities, exploits, and attack vectors in Web3 protocols.
Collaborate with the engineering team to integrate detection capabilities into our on-chain exploit detection system.
Create proof-of-concept (PoC) exploits and simulations to help test and validate threat scenarios.
Stay current with emerging threats, new technologies, and industry best practices in information security.

We're looking for an Application Security Researcher to join us. In this critical role, you will assist us in validating our services and environments according to the highest security standards. Also, You will work closely with our R&D and Product teams, and solve complex security problems.
Responsibilities:
Continuously checking and improving security measures to protect our systems.
Reviewing system architecture, design, and code to find and fix security weaknesses before they become a problem.
Helping developers follow secure coding practices and learn how to prevent security risks.
Staying updated on new security threats and best practices to keep our security standards high.
Contributing to our security research blog.

We seek a highly skilled Blockchain Security Researcher to lead our Blockchain Security Research Team. This role focuses on discovering low and high-level vulnerabilities, researching exploits in decentralized applications (dApps), developing security tools, and enhancing proactive security measures to protect blockchain environments. As a team lead, you will also be responsible for leading and mentoring a team of security researchers, driving security strategy, and collaborating cross-functionally to improve our overall security posture.
This is a unique opportunity to be part of a fast-growing startup developing state-of-the-art blockchain technology while working at the forefront of security.
Key Responsibilities:
Lead and mentor a team of blockchain security researchers, fostering innovation and collaboration.
Find and analyze exploits in compilers, dApps, smart contracts, and blockchain networks.
Develop tools for detecting and preventing attacks in blockchain ecosystems.
Conduct deep forensic analysis of blockchain transactions, logs, and smart contract behaviors to understand attack vectors.
Stay up to date with blockchain threat intelligence, emerging vulnerabilities, and new attack techniques.
Design tailored security solutions for dApps, protocols, and critical network components.
Proactively enhance security monitoring and threat detection for identified attacks.
Collaborate with product, development, and security teams to improve security posture.
Drive security research initiatives and contribute to industry-wide best practices.

We are seeking an experienced Senior Security Researcher to join our Research department, focusing on low-code/no-code platforms, AI copilots, and generative AI technologies. This role offers a unique opportunity to lead cutting-edge security research and help shape the future of application security in these rapidly evolving fields.

Responsibilities

Conduct thorough research to identify security weaknesses and vulnerabilities within low-code/no-code platforms, AI copilots, and Gen AI technologies.
Perform in-depth analysis of web and API security, identifying potential threats and developing mitigation strategies.
Work closely with cross-functional teams to address security concerns throughout the development lifecycle, particularly in AI and low-code/no-code environments.
Stay up-to-date with the latest industry trends, security threats, and advancements in low-code/no-code and AI technologies.
Develop proof-of-concept exploits, provide recommendations for remediation to affected vendors, and contribute to security detections in the platform.
Contribute to the development of security guidelines, best practices, and standards tailored for low-code/no-code platforms and AI security.
Collaborate with external security researchers and organizations to enhance the security posture of the low-code/no-code and AI landscape.
Conduct publishable research, sharing insights through blog posts, conference talks, and meet-ups to advance the broader security community.