דרושים » אבטחת מידע וסייבר » Senior Vulnerability Researcher

We seek an embedded security researcher to join us in developing cutting-edge cybersecurity projects.
Responsibilities:
As an Embedded security researcher, you will be dealing with:
Embedded systems reverse engineering.
Kernel drivers research and development.
Real-time Embedded End-to-End Low-Level software developments on various unique embedded platforms and environments.

We are looking for a Windows engineer to join us in developing cutting-edge cybersecurity projects.
As a Windows engineer, you will be dealing with:
Developing user-mode applications and complex Windows Drivers
Designing and developing components for the company's flagship security product
Low-Level R&D
End to End product development

we are looking for a Embedded Systems Vulnerability Researcher.
As an Embedded Systems Vulnerability Researcher, you will operate at the cutting edge of security projects. Your mission is to identify, exploit, and mitigate security flaws in complex hardware/software ecosystems. You will bridge the gap between the digital and analog worlds, analyzing everything from low-level firmware to the electromagnetic spectrum.
Responsibilities:
Vulnerability Discovery: Perform deep-dive security analysis and "bug hunting" on proprietary embedded systems and RTOS.
Exploit Development: Create Proof-of-Concept (PoC) exploits for identified vulnerabilities, including memory corruption, logic flaws, etc.
Firmware Analysis: Conduct static and dynamic analysis of binary blobs using advanced reverse engineering suites.
Hardware Probing: Utilize JTAG, UART, and SWD interfaces to extract firmware, monitor execution, etc.
Tooling: Develop custom scripts and tools in Python, C, C++ to automate the research and exploitation pipeline.

Required Security Researcher
As a Security Researcher, you will:
Be a part of the OPSEC department which is in charge of research, design, development and enforcement of advanced OPSEC solutions
Be in charge of the operational security research of a cyber intelligence product
Your role will include: Researching OS internals, deconstructing of applications, architecture reviews and red-team tests
Define product requirements, alert mechanisms, working procedures and more.

As a Senior Security Researcher you will be responsible for researching multiple domains in the Automotive, AI, API, IoT and Mobility ecosystems, work closely with our domain researchers, data-scientists, development teams, as well as work with customers to build a cutting edge cybersecurity product at Upstream.

This role is full-time and is Israel based.

Responsibilities
AI Security - research LLM and MCP based attack methods
API Security - research API vulnerabilities and attack methods.
Research the Automotive Cybersecurity ecosystem: Automotive protocols - Both in-vehicle and external vehicle communications, Vehicle Architectures, Device research - Hardware, reverse-engineering, vulnerability research.
Mobility IoT Security - research IoT protocols and devices for vulnerabilities and attack methods.
Develop cyber-attack detection techniques and methodologies.
Develop research tools and technologies.

Required Vulnerability Researcher
Want to make an instant impact?
Be a part of the top cyber research teams in the industry and make the world a better place!
As a Vulnerability Researcher, you will be:
Work with top-notch researchers using the latest technologies
Research low-level mechanisms, finding vulnerabilities and circumventing modern mitigation techniques
Our perks:
A competitive compensation package
Hybrid and flexible
Multiple career advancement opportunities
Incredible benefits.

We are currently hiring for multiple Security Research positions across our Microsoft Defender Research teams in Israel. By applying to this unified pipeline, you will be considered for a high-impact role (at either the Security Researcher II or Senior Security Researcher role) within one of our specialized groups, including Autonomous Attack Disruption, Cloud Workload Protection, Identity Research, Posture Research, or Security for AI.

We are looking for passionate, highly skilled security researchers who thrive on the challenge of breaking complex attacker kill-chains. Leveraging Microsofts dominant market position and the worlds most massive telemetry set, you will have a direct, tangible impact on the security of the global economy. We are looking for researchers who want to see their findings transformed into production-ready protection, where the ultimate goal is not just to detect threats, but to prevent and stop them in near real-time.

Responsibilities
Investigate real world advanced attacker TTPs to develop high-fidelity protection signals, and robust logic across complex kill-chains.

Design and implement innovative capabilities that autonomously prevent, detect and disrupt sophisticated threats in near real-time.

Infuse deep security expertise into the analysis of massive telemetry sets using big-data query languages, reasoning over data to identify novel malicious patterns, and drive evidence-based research decisions.

Partner with engineering and product teams to share research insights, validate protection concepts, and push ideas forward into production-ready protection at a global scale.

Contribute expert insights to a strategic feedback loop by analyzing real-world attack data and telemetry to refine protection coverage and accuracy.

Required Security Researcher
As a Security Researcher, you will:
Be a part of the OPSEC department which is in charge of research, design, development and enforcement of advanced OPSEC solutions.
Be in charge of the operational security research of a cyber intelligence product
Advanced analysis of operating system internals, including binary and architectural evaluation, security testing and exploit mitigation research
Define product requirements, alert mechanisms, working procedures and more.

our Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.
You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of products.
The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.
What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC
Lead threat modeling and architecture security reviews to proactively identify and mitigate risks
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews
Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring remains ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements
Automate security processes and integrate security tools within CI/CD pipelines
Develop and deliver secure coding training to engineering teams

PlaxidityX is looking for a brilliant Security Researcher to join our elite team. In this role, you will combine offensive research with product innovation. You will conduct in-depth research and penetration testing on Automotive ECUs , uncovering vulnerabilities at both the hardware and software levels. Additionally, you will act as the 'Red Team' for our vehicle protection systems , simulating sophisticated attacks to ensure our detection capabilities stay ahead of global threats.
?What You’ll Do: ECU & Low-Level Research: Conduct deep-dive security research into Automotive Electronic Control Units (ECUs). Automotive Offensive Research: Analyze automotive protocols and architectures to identify, develop, and implement end-to-end attack vectors. Red Teaming: Serve as the internal adversary for our vehicle protection products. You will execute attacks to validate detection efficacy and provide the offensive 'ground truth' needed to improve our security logic. Collaborate with Data Scientists: Work closely with our Data Science teams to fine-tune AI-based detection features, helping to translate complex exploit behaviors into actionable data features.

Advantages:
Data Science & AI: Experience working with data teams, understanding of feature engineering, or experience fine-tuning AI models based on security domain expertise. OS Internals: High level of expertise in Linux / QNX / Android internals (both user and kernel space). Product Security: Experience building or testing Intrusion Detection/Prevention Systems (IDS/IPS) or EDR/XDR platforms. Automotive Knowledge: Understanding of automotive-specific protocols (CAN, Automotive Ethernet, UDS, etc.) and the ability to implement functional attacks against them.