דרושים » תוכנה » Senior Vulnerability Researcher

We are looking for talented, fast learners to work on vulnerability research and exploitation in embedded and IoT environments. This role is ideal for researchers with strong low-level backgrounds who want to deepen their expertise in IoT and embedded systems security while working on real-world, complex technologies

You will analyze proprietary software and hardware, apply a deep understanding of low-level systems, and take your research from initial discovery to a full end-to-end solution in production.





Requirements
5+ years of experience as a security researcher or industry-equivalent experience.
Understanding of memory corruption (Stack/Heap, UAF) and logical vulnerabilities (Injection, Logic/Design flaws, TOCTOU).
Understanding of common security mitigations such as ASLR, DEP, and CFI.
Expertise in OS internals, file systems, network protocols and cryptography concepts.
Hands-on experience with reverse engineering and debugging tools such as IDA Pro or Ghidra, and GDB.
Proficient in Assembly, C, and Python.

As a Principal/Senior Windows Exploit Researcher, you will be a key member of our Tel Aviv R&D center, responsible for leading research into Windows Anti-Exploit capabilities. You will leverage your top-notch knowledge of the latest exploitation techniques and deep Windows internals to architect and develop the next generation of security protections. Your work will directly contribute to safeguarding our customers from the most sophisticated cyber threats.
Key Responsibilities
Lead advanced research into novel vulnerabilities and complex exploits targeting the Windows operating system.
Architect, develop, and improve sophisticated anti-exploitation mitigations using low-level OS mechanisms, challenging the status quo with innovative solutions.
Drive the design, evaluation, and implementation of next-generation security technologies from conception to deployment.
Develop proof-of-concept (POC) exploits to validate research findings and test the effectiveness of new and existing mitigations.
Analyze customer escalations to help with detecting and preventing malicious activities in our customers networks
Publish research done internally.

We are looking for a Security Researcher who thrives on both sides of the fence. You will develop offensive tradecraft-discovering new attack vectors and writing exploits-then use that perspective to engineer robust, product-level mitigations. If youre energized by finding a novel browser attack on Monday and shipping the defense for it by Friday, this role is for you.
Key Responsibilities
Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows.
Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings; close the loop from attack to protection.
Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments.
Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses).
Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries.
Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs.
Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.).

We are looking for a visionary VP of Research to lead our elite research group, based out of our Tel Aviv R&D center. Reporting directly to the CTO, you will be responsible for the companys threat research strategy, driving original vulnerability discovery, and ensuring our "Hackers Playbook" remains the most comprehensive in the industry.

This is a highly visible role that balances deep technical leadership with external evangelism. You will not only manage a team of top-tier security researchers but also serve as the public face of our research. You will be presenting at major global conferences, briefing executive customers, and shaping the industry narrative on offensive security.

THE IMPACT YOU WILL HAVE

Research Leadership & Strategy

Lead, mentor, and grow a high-performing team of security and threat researchers.
Define the research roadmap, balancing original vulnerability research (novel attack vectors) with threat intelligence (analyzing emerging APTs, ransomware, and TTPs).
Foster a culture of innovation, guiding the team to discover new attack surfaces in Windows, Linux, macOS, and LLMs.
Thought Leadership & Evangelism

Serve as a primary spokesperson . You must have a proven track record of speaking at top-tier industry conferences (e.g., Black Hat, DEF CON, RSA, BlueHat).
Drive the creation of high-impact technical content, including white papers, technical blogs, and press commentary on breaking security news.
Represent in the media and create relationships with the broader security community.
Product & Business Alignment

Collaborate closely with Product Management and R&D to translate research findings into product capabilities.
Ensure our customers are protected against the latest threats (e.g., US-CERT alerts, Flash reports) within hours of disclosure.
Customer Engagement

Act as a trusted advisor to C-level executives (CISOs, CIOs) at our strategic customers.
Support the Sales and Customer Success teams by providing deep technical insights during high-stakes briefings and QBRs.

our company Cloud Security is seeking a Senior Security Researcher - AI Security to join our highly technical product research team working at the core of our cloud security platform. This is a rare opportunity to define a new discipline. AI security is an emerging field with few established playbooks, and you will help write them. In this role, you will own the research direction for AI security across our company's platform, uncovering novel risks in AI-native systems and translating that knowledge into product capabilities and industry-leading research. You'll be surrounded by experienced researchers and engineers who live and breathe security, with the space and backing to do original work in a domain that is rapidly evolving.
We're looking for an exceptional security researcher who can navigate ambiguity, think like an attacker, and bring clarity to a space that lacks it. You're curious, technically deep, and energized by the challenge of defining risk in systems that are still being understood.
Your Role:
Be at the forefront of an emerging discipline. Conduct technical analysis of AI frameworks, services, and architectures to discover novel risks, vulnerabilities, and attack vectors before they become industry-wide problems .
Define AI security risk by analyzing how exposure is created and exploited in AI systems. Collaborate with engineering and product teams to translate AI research into product findings.
Evaluate the risk of pre-trained models, vector databases, and orchestration frameworks (e.g., LangChain, LlamaIndex) to define how shadow AI creates organizational exposure.
Author blogs, whitepapers, and technical advisories that set the industry narrative. Present original research at leading conferences and serve as our company's external voice on AI risk topics.
Analyze AI systems from an attacker's perspective to define trust boundaries, map attack techniques, and identify exploitable paths. Translate findings into product features and outbound research.
Investigate and analyze AI infrastructures and services to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

our company Cloud Security is seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.
Furthermore, you will be in charge of fostering and spreading our company Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.
If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.
Your Role:
Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws
Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences
Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs
Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services.

our company Cloud Security is seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.
Furthermore, you will be in charge of fostering and spreading our company Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.
If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.
Your Role:
Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws
Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences
Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs
Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services.

At our company, we redefine cyber defense vision by combining AI and human expertise to create products that protect nations and critical infrastructure. This is more than a job; its a Dream job. we are where we tackle real-world challenges, redefine AI and security, and make the digital world safer. Lets build something extraordinary together.
our company's AI cybersecurity platform applies a new, out-of-the-ordinary, multi-layered approach, covering endless and evolving security challenges across the entire infrastructure of the most critical and sensitive networks. Central to our our company's proprietary Cyber Language Models are innovative technologies that provide contextual intelligence for the future of cybersecurity.
At our company, our talented team, driven by passion, expertise, and innovative minds, inspires us daily. We are not just dreamers, we are dream-makers.
The Dream Job
As a Senior Malware Researcher, you will analyze and reverse engineer malware and tooling used by advanced threat actors, particularly those targeting governments and critical infrastructure. You will apply deep expertise in binary and script analysis to uncover capabilities, configurations, and C2 infrastructure for threat actor attribution and mitigations.
Your work will power our companys malware catalog, strengthen our understanding of threat actors technical capabilities, and directly support the development of next-generation AI-driven "artificial cyber researchers".
The Responsibilities
Perform in-depth static and dynamic analysis of malware, implants, loaders, and related tooling used by APTs and other sophisticated adversaries.
Reverse engineer binaries and scripts (e.g., PE, ELF, .NET, PowerShell, JavaScript/VBA) to determine capabilities, execution flow, persistence mechanisms, and evasion techniques.
Extract and document configuration data and C2 information, and map these to campaigns, infrastructure, and threat actors in collaboration with CTI researchers.
Develop and maintain detection and hunting artifacts such as YARA rules, VT LiveHunt queries, CAPA rules, and sandbox behavior signatures.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

our company Cloud Security is seeking a Senior Security Researcher - AI Security to join our highly technical product research team working at the core of our cloud security platform. This is a rare opportunity to define a new discipline. AI security is an emerging field with few established playbooks, and you will help write them. In this role, you will own the research direction for AI security across our company's platform, uncovering novel risks in AI-native systems and translating that knowledge into product capabilities and industry-leading research. You'll be surrounded by experienced researchers and engineers who live and breathe security, with the space and backing to do original work in a domain that is rapidly evolving.
We're looking for an exceptional security researcher who can navigate ambiguity, think like an attacker, and bring clarity to a space that lacks it. You're curious, technically deep, and energized by the challenge of defining risk in systems that are still being understood.
Your Role:
Be at the forefront of an emerging discipline. Conduct technical analysis of AI frameworks, services, and architectures to discover novel risks, vulnerabilities, and attack vectors before they become industry-wide problems .
Define AI security risk by analyzing how exposure is created and exploited in AI systems. Collaborate with engineering and product teams to translate AI research into product findings.
Evaluate the risk of pre-trained models, vector databases, and orchestration frameworks (e.g., LangChain, LlamaIndex) to define how shadow AI creates organizational exposure.
Author blogs, whitepapers, and technical advisories that set the industry narrative. Present original research at leading conferences and serve as our company's external voice on AI risk topics.
Analyze AI systems from an attacker's perspective to define trust boundaries, map attack techniques, and identify exploitable paths. Translate findings into product features and outbound research.
Investigate and analyze AI infrastructures and services to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

. We are looking for a Security Researcher to join the team. As a researcher, you will perform security research on open-source projects in both web and low-level technologies. You will define how to identify exploitable security issues in an automated manner and develop code for that purpose.
As a Security Researcher you will...
Research CVEs and 1-day vulnerabilities in various programming languages and ecosystems
Define how to automatically find exploitable vulnerabilities & develop code that identifies the instances where a vulnerability is exploitable
Perform security research on various open-source technologies, frameworks, and libraries
Write technical reports regarding all research subjects mentioned above