Security Researcher

Reflectiz is a fast-growing cybersecurity company specializing in proactive website security. Our unique remote monitoring technology helps organizations reduce security, privacy, and compliance risks-protecting critical digital assets that traditional solutions can’t fully cover.

Since our founding in 2019, we’ve built a global customer base that includes Fortune 500 enterprises and leading brands across North America, EMEA, and APAC. With strong year-over-year growth and a financially solid foundation, Reflectiz offers both stability and exciting opportunities for personal and professional development. Our teams in Israel and the United States foster an inclusive, collaborative culture that combines innovation with professionalism-allowing us to consistently deliver exceptional value to our customers.

Requirements

We're looking for a hands-on Security Researcher to help drive the innovation behind our cybersecurity web exposure platform at Reflectiz. Your role will be to leverage deep technical and offensive security expertise to improve detection capabilities, uncover emerging threats, and shape the platform to be the most advanced in the market.

This is a strategic role—your work will directly impact product development, provide valuable intelligence to our clients, and support PR and thought leadership efforts through public research, threat reports, and industry commentary.

Responsibilities

• Research and uncover new web-based threats, vulnerabilities, and attack vectors-especially around JavaScript and modern web technologies.
• Use Reflectiz's platform data to discover trends, anomalies, and new risks across the web.
• Collaborate closely with our CTO and engineering teams to turn findings into product features and detection logic.
• Contribute to public-facing research (blog posts, reports, presentations) that positions Reflectiz as a market leader in web exposure and security.
• Support marketing and PR with high-quality, relevant research for external publication.
• Proven experience in web security research, vulnerability discovery, or offensive security
• Strong understanding of OWASP Top 10, browser behaviors, and client-side threats
• Deep technical knowledge of JavaScript internals, function hooking, object overrides, and prototype manipulation
• Background in ethical hacking, bug bounty programs, or red teaming is a strong advantage
• Ability to work in a fast-paced, tech-driven environment and communicate research in a clear, actionable way