Security Researcher

A cybersecurity startup focused on the U.S. market, operating in the Application Security space.

develops a Runtime Security platform designed to protect data and business logic across all layers of the application.

Key Responsibilities

Data-Driven Research: Analyze large datasets and security telemetry to identify anomalies and potential security breaches.

Detection Engineering: Design, develop, and implement security rules and logic to trigger company defense systems and identify findings in real-time.

Vulnerability Research: Conduct deep-dive security research on complex web applications.

Collaboration: Work closely with R&D and Security Operations teams to provide remediation guidance and enhance monitoring capabilities.

Requirements

Experience: 3+ years of experience in Web Security Research or Advanced Penetration Testing.

OWASP Mastery: Deep understanding of the OWASP Top 10 and modern web-based attack vectors.

Third-Party Security: Ability to find and fix security flaws in open-source libraries and third-party software.

Infrastructure: Strong understanding of microservices architectures, Docker, and Kubernetes.

Coding Skills: Ability to read and script in languages such as Python, JavaScript (Node.js), Go, or Java.

Web Tech: Expertise in web protocols (HTTP/S, WebSockets), Auth mechanisms (OAuth, JWT, SAML), and modern APIs (REST, GraphQL).

Soft Skills: Good communication skills and a genuine passion for sharing knowledge with the team.

Bonus Points

Analytics: Hands-on experience with Kibana and Elasticsearch for data visualization and threat hunting.

Community Engagement: Experience with writing security blogs, CVE research, or active participation in Bug Bounty programs. 

Certifications: OSWE, OSCP