Senior Security Researcher

Suridata is a rapidly growing startup dedicated to SaaS Security. Our platform enables organizations to secure the use of SaaS applications and third parties in a non-intrusive and agentless approach. Companies rely on Suridata’s solution to identify and prevent risks of misconfigurations, third-party interconnections, and users' activity. The platform proactively enforces prevention policies and remediate risks of potential breaches across the SaaS ecosystem.

We are looking for an experienced Security Researcher to join the Suridata Research team to investigate the next generation of threats originating in the SaaS network. As a Security Researcher, you will work closely with the product and R&D teams to create solutions that will implement the new line of defense for SaaS-originated attacks.

Key Responsibilities:

• Investigate, find, and analyze new and existing attacks and tactics in the SaaS environment.
• Participate in developing new strategies and products to help companies protect against evolving threats.
• Discover new attack vectors originating from APIs, identities, and applications.
• Collaborate closely with the product team to develop new tools and implement new mitigations in a multi-layered security approach.

Qualifications:

• Minimum of 5 years of experience in security research, vulnerability research, or threat research.
• Profound knowledge of SaaS security for leading vendors such as Github, Microsoft 365, Salesforce, etc.
• Strong background in creating attack paths or working with automated attack path analysis (APA) products.
• Experience as an Incident Responder, Threat Hunter, Red Team member, or Security Researcher.
• Experience in simulating real environments and creating lab environments.
• Knowledge and experience with SaaS and Cloud environment architecture.
• Proficiency in data analysis and coding.
• Familiarity with security frameworks such as MITRE or similar.
• Ability to develop Proofs of Concept (PoCs) and automation scripts to simulate attacks.
• Experience in writing and publishing technical research papers.
• Ability to work independently and interpret broad directives into executable actions.