Security Researcher (Entry-Level)

About Element Security

Element Security is a leader in external attack surface security. Our platform helps organizations take control of their attack surface by safely validating which exposures are actually exploitable, enabling teams to focus on high-impact issues that require action.

Job Description

We are seeking a talented Security Researcher to join our team. The primary focus of this role is contributing to the creation and maintenance of validation modules within our exploitation engine, helping confirm real-world security issues across modern environments.

This role is well suited for researchers who enjoy hands-on vulnerability research, learning how to automate validation techniques, and growing their skills within a real-world security platform. You will work closely with experienced researchers and engineers and receive ongoing guidance and feedback.

Key Responsibilities

• Assist in researching, developing, and maintaining validation modules within the exploit engine
• Stay current with newly disclosed vulnerabilities and common attack techniques
• Collaborate with the development team to integrate new modules into the platform
• Contribute to improving the reliability, safety, and accuracy of validation logic
• Participate in triaging and validating vulnerabilities discovered by the platform
• Document findings, proof-of-concept steps, and internal methodologies
• Support internal knowledge sharing and continuous improvement

Qualifications

• 1+ year of experience in cybersecurity, application security, penetration testing, or security research
• Hands-on familiarity with common web application vulnerability classes and how they are exploited
• Proficiency in at least one programming language such as Python, JavaScript, or Ruby, with willingness to learn production-quality code
• Experience using security testing tools such as Burp Suite, Nmap, or similar tools
• Familiarity with the OWASP Top 10 and common attack techniques
• Ability to clearly explain how a vulnerability works and how it can be reproduced

Nice to Have

• Exposure to exploit development or proof-of-concept creation
• Familiarity with automated security testing or validation tools
• Awareness of frameworks such as MITRE ATT&CK
• Participation in bug bounty programs, labs, CTFs, or open-source security projects
• Entry-level or foundational security certifications (e.g., eJPT, OSCP)
• Basic familiarity with cloud environments (AWS, Azure, or GCP)

Personal Qualities

• Strong analytical and problem-solving skills
• Attention to detail and care when validating security issues
• Comfortable learning from feedback and collaborating with others
• Clear written and verbal communication skills
• Curiosity and motivation to continuously improve security skills
• Ethical approach to security research and validation