Senior Security Researcher

The browser has become the main productivity tool for employees due to driving trends like working remotely, BYOD, and web-based SaaS applications.

At Seraphic, we are revolutionizing browser security. Our patent-pending technology offers unmatched protection against zero-day attacks, phishing, and malicious downloads. By operating at the core of the browser, we provide comprehensive visibility and control, preventing data loss and leakage.

Why Seraphic?

• Cutting-Edge Protection: Full defense against all browser threats
• Seamless Access: Browse internal sites and private applications directly from your browser without a VPN or a remote desktop
• Innovative Environment: Be part of a team leading the cybersecurity frontier shaping the modern solutions impacting billions of users
• Challenging Technologies: Engage with a rich SaaS app, high-scale backend processing millions of requests, and a core networking solution, all with the highest level of security
• Innovation and Leadership: Leverage our patented technology and leadership recognition, such as Frost & Sullivan's 2024 Enabling Technology Leadership Award for Global Zero Trust Browser Security
• Collaboration and Team: Work with industry experts in a collaborative environment to solve complex problems
  
  

This is an exciting opportunity to join a fast-growing start-up company, consisting of talented team players, with the best-of-breed solution revolutionizing browser security.

Join us in shaping the future of secure browsing!

We are seeking a talented and passionate Senior Security Researcher to join our team. In this role, you will explore vulnerabilities, analyze emerging threats, and develop innovative solutions to secure web technologies. As a key contributor, you’ll collaborate with a team of experts to ensure Seraphic remains at the forefront of browser and endpoint security.

This role is pivotal in driving Seraphic’s innovation, leveraging deep security expertise and data-driven insights to continually evolve our cutting-edge solutions and safeguard our customers in an ever-changing threat landscape.

What you'll do:

• Threat Research: Identify and analyze emerging security threats, vulnerabilities, and attack techniques in web browsers and related technologies
• Exploit Development: Simulate real-world attacks to evaluate and improve the resilience of our solutions
• Vulnerability Discovery: Conduct in-depth research to uncover vulnerabilities in web technologies, browser extensions, and web applications
• Improve and Develop Security Modules: Analyze data collected from our platform to extract actionable insights that enhance existing security modules or propose innovative algorithms to provide superior protection for our customers.
• Collaboration: Work closely with the engineering and product teams to integrate findings into Seraphic's solutions and enhance product security
• Publishing: Write technical reports, advisories, and white papers to share findings internally and externally when appropriate
• Tool Development: Develop tools, scripts, or frameworks to automate threat analysis or identify vulnerabilities
• Staying Current: Monitor industry trends, participate in security conferences, and contribute to the security community
  
  

Requirements:

What you’ll bring with you:

• 5+ years in security research, vulnerability analysis, or a related field
• Researching or securing web technologies, browser extensions and plugins
• Discovering vulnerabilities leading to CVEs
• Deep understanding of web technologies, browser internals, and JavaScript
• Proficiency in reverse engineering and debugging tools
• Familiarity with exploit development and mitigation techniques (ASLR, DEP, etc.)
• Experience with modern web application architectures and frameworks
• Understanding of network security and common protocols (HTTP, HTTPS, etc.)
• Web technologies, malware analysis
• Skilled in scripting languages like Python, JavaScript, or Bash
• Experience with tools such as Burp Suite, IDA Pro, Ghidra, or similar
• Strong analytical and problem-solving skills
• Excellent communication skills, both written and verbal
  
  

Nice to have but not a must:

• Certifications: OSCP, OSWE, or similar certifications in web and application security
• Community Engagement: active participation in bug bounty programs, security forums, or contributions to open-source security tools