עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
About Huskeys :
Huskeys is reimagining web application protection for the modern era.
As applications become increasingly dynamic, multi-cloud, and AI-driven, traditional WAFs struggle to keep up.
We built the first Agentic Network Security Control Plane - an AI-powered mitigation layer that works with any existing WAF. Our platform helps security teams unify protection, measure effectiveness, reduce manual overhead, and create context-aware policies that block threats without disrupting business flows.
At Huskeys, we believe context is the new attack surface, and that security should empower the business - not slow it down.
About the position:
At Huskeys, we are redefining web application protection by building an intelligent platform that sits across multiple WAF vendors (Cloudflare, AWS, Azure, Akamai, Fastly, ByteWaf). In our world, the depth and breadth of our vendor knowledge is our ultimate competitive asset.
Right now, vendor coverage across the industry is uneven - some ecosystems are deeply understood, while others require structured exploration from scratch. We are looking for a Security Researcher who can dive deep into unexplored vendor terrain, map out behavior, and turn rigorous applied research into meaningful insights.
Note: This is not a bug-hunting or 0-day chasing role. This is applied research: methodical, thorough, and directly tied to shipping actual value to our enterprise customers.
What Success Looks Like After 6 Months :
- Independent Track Lead: You independently lead research on a specific WAF vendor - from first exploration to meaningful customer impact.
- Attack Surface Mapping: You’ve successfully mapped the key behaviors, edge cases, and architectural gaps of your assigned vendor ecosystem.
- Engineering Enabler: You produce reproducible PoCs and structured writeups with a clear capability matrix that can easily turn into production code.
- Domain Expert: You are a trusted, go-to internal knowledge source for your vendor domain, actively enriching the team’s shared knowledge base. Our research is product led research.
Key Responsibilities :
- Vendor Deep-Dives: Research WAF vendors - both mapping out new platforms from scratch and deepening our coverage of existing ones.
- Validate & Reproduce: Hands-on validation of security insights across web applications, APIs, and cloud-based WAF environments at the edge layer.
- Bridge the Gap: Build structured writeups and functional PoCs that seamlessly translate research insights into product deliverable projects.
- Engine Contribution: Design and continuously optimize playbooks, agents and product inside our core engine.
- Customer-Centric Research: Conduct occasional hands-on customer research tracks to uncover high-signal findings and real-world attack vectors.
Day-to-Day Reality
- Deep, Focused Work: Most of your time is spent in independent, focused research - exploring vendor logic, writing test cases, and documenting discoveries.
- Team Alignment: You'll have regular syncs to align on priorities, bounce ideas around, and set the direction for your findings.
- Zero Solo Silos: You will coordinate with Platform engineers when handing off PoCs or unblocking detection pipelines. We define value by actual customer impact, not theoretical whitepapers.
- Structured Pace: Research tracks are owned end-to-end, meaning you get the breathing room to focus without being constantly context-switched.
The Ideal Candidate :
We are looking for a methodical product led researcher. You are the kind of person who gets genuinely excited about spending a week mapping out exactly how AWS WAF handles header manipulation - and coming out the other side with structured insights and a flawless mental model.
- Methodical Mindset: You live by the loop of Hypothesis ➔ Test ➔ Document ➔ Share.
- Comfort with Ambiguity: You are perfectly fine with a blank slate at the start of a research cycle and can comfortably define your own scope.
- Radical Transparency: You share half-baked findings early, ask sharp questions, and never hoard knowledge. Research that lives only in one person’s head has no value to the pack.
Must-Have Requirements
- Experience as a Security Researcher : 5+ years.
- Vendor Research Fluency: Proven ability to independently explore a major WAF environment (Cloudflare, AWS, Azure, Akamai, etc.) from scratch, mapping its rule engines and identifying its gaps.
- Applied Research Methodology: A track record of working in structured, repeatable research cycles rather than ad-hoc scanning.
- Web App & API Security Depth: Hands-on familiarity with how web attacks operate at the HTTP layer (headers, authentication flows, REST/GraphQL API patterns) and how WAFs interact with this traffic.
- Scripting Skills: Proficiency in Python (or similar) to automate test cases and build lightweight internal research tools.
- Excellent Documentation Habits: Strong written communication skills to deliver clean, clear, and actionable work to teams.
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
שאלות ותשובות עבור משרת Security Researcher
חוקר אבטחה ב-Huskeys מתמקד בחקר מעמיק של ספקי WAF (Web Application Firewall) שונים, כמו Cloudflare, AWS ו-Azure. התפקיד כולל מיפוי התנהגויות, זיהוי פערי אבטחה ויצירת תובנות מעשיות שמתורגמות לפתרונות הגנה עבור לקוחות ארגוניים, תוך התמקדות במחקר יישומי ולא בציד באגים.
משרות נוספות מומלצות עבורך
-
Security Researcher
-
תל אביב - יפו
Gotfriends
-
-
Senior Security Researcher Identity & SaaS (Cortex Cloud)
-
תל אביב - יפו
Palo Alto Networks
-
-
Senior Security Researcher
-
תל אביב - יפו
Zenity
-
-
Threat Security Researcher
-
תל אביב - יפו
SafeBreach
-
-
Applied Security Researcher
-
תל אביב - יפו
Wiz
-
-
Security Researcher
-
תל אביב - יפו
Check Point Software
-