Security Researcher

About Element Security

Element Security is a leader in external attack surface security. Our platform empowers organizations to take control of their attack surface, leveraging active exploitation to continuously identify and help mitigate high-impact exposures that require immediate attention.

Job Description

We are seeking a skilled and passionate Security Researcher to join our team. The primary focus of this role will be creating and maintaining attack modules for our exploit engine, reinforcing our clients' cybersecurity posture in the face of an ever-changing threat landscape.

Key Responsibilities

• Design, develop, and maintain attack modules for our exploit engine
• Research and stay current with the latest vulnerabilities, exploit techniques, and attack methodologies
• Collaborate with the development team to integrate new attack modules into our platform
• Contribute to the continuous improvement of our exploitation techniques and methodologies
• Participate in threat intelligence gathering and analysis to inform template creation
• Document findings, methodologies, and processes for internal knowledge sharing
• Assist in validating and triaging vulnerabilities discovered by our platform

Qualifications

• 3+ years of experience in security research, penetration testing, or related fields
• Strong understanding of web application security, network protocols, and common vulnerabilities
• Proficiency in programming languages such as Python, Ruby, or JavaScript
• Experience with penetration testing tools (e.g., BurpSuite, Metasploit, Nmap)
• Familiarity with OWASP Top 10 and common attack techniques

Preferred Skills

• Experience with exploit development (Significant advantage)
• Experience with automated exploitation frameworks
• Familiarity with OWASP Top 10 and MITRE ATT&CK framework
• Contributions to open-source security projects or bug bounty programs
• Relevant security certifications (e.g., OSCP, GXPN, GPEN)
• Knowledge of cloud environments (AWS, Azure, GCP)

Personal Qualities

• Strong analytical and problem-solving skills
• Excellent attention to detail and commitment to quality
• Ability to work independently and as part of a team
• Excellent communication skills, both written and verbal
• Passion for cybersecurity and continuous learning
• Ethical approach to security research and exploitation