Security Research Team Leader

Company Description

About CyberArk:

CyberArk (NASDAQ: CYBR), is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit our CyberArk blogs or follow us on X, LinkedIn or Facebook.

Job Description

As the Security Research Team Leader, you will play a key role in shaping the offensive research and innovation strategy at CyberArk Labs. You will have both the autonomy and responsibility to identify security domains with critical gaps, guide research initiatives, and work closely with researchers to drive impactful security advancements.

The Security Research Team at CyberArk Labs focuses on vulnerability research, identifying emerging threats and security gaps to enhance CyberArk products and contribute to the broader security community. The team has deep expertise in low-level systems, operating systems, frameworks, cloud, and security research, applying this knowledge to critical security domains such as AI, Identity, and Privilege. The team has conducted cutting-edge research and presented findings on leading global stages, including Black Hat, DefCon, RSA, and more.

• Lead and manage a team of vulnerability researchers and research projects.
• Conduct hands-on vulnerability research across multidisciplinary attack vectors.
• Support and guide research blog publications and conference presentations.
• Invent new security layers to mitigate attack techniques, and surfaces discovered in research.
• Write and review technical articles, and present research findings at security conferences.
  
  

• 2+ years of experience leading a security research team.
• 5+ years of hands-on security or vulnerability research experience.
• Deep expertise in operating system internals (Windows/Linux) or other low-level systems and in-depth security research domains.
• Strong reverse engineering skills, with experience using tools like IDA, Ghidra, and others.
  
  

• Exceptional people management skills.
• Previously discovered CVEs.