Security Researcher

About Huskeys :

Huskeys is reimagining web application protection for the modern era.

As applications become increasingly dynamic, multi-cloud, and AI-driven, traditional WAFs struggle to keep up.

We built the first Agentic Network Security Control Plane - an AI-powered mitigation layer that works with any existing WAF. Our platform helps security teams unify protection, measure effectiveness, reduce manual overhead, and create context-aware policies that block threats without disrupting business flows.

At Huskeys, we believe context is the new attack surface, and that security should empower the business - not slow it down.

Why we need you?

We are looking for a Security Researcher to take part of a major piece of that knowledge engine. Not just to execute research well - but to define what's worth investigating, build the methodology to investigate it, and produce output the entire company can stand on. You will go deep on vendor research, actively contribute to shaping the product direction within your domain, and be the kind of researcher who naturally raises the bar for those around them.

About the position:

At Huskeys, we are redefining web application protection by building an intelligent platform that sits across multiple WAF vendors (Cloudflare, AWS, Azure, Akamai, Fastly, ByteWaf). In our world, the depth and breadth of our vendor knowledge is our ultimate competitive asset.

Right now, vendor coverage across the industry is uneven - some ecosystems are deeply understood, while others require structured exploration from scratch. We are looking for a Security Researcher who can dive deep into unexplored vendor terrain, map out behavior, and turn rigorous applied research into meaningful insights.

Note: This is not a bug-hunting or 0-day chasing role. This is applied research: methodical, thorough, and directly tied to shipping actual value to our enterprise customers.

What Success Looks Like After 6 Months :

Domain Expert: You are the go-to internal authority on WAF vendors - you've mapped their security control logic, understand where they deviate from standards, and can answer questions about your domain with confidence and depth.

Attack Surface Coverage: You've moved from initial exploration to a comprehensive understanding of your vendors' rule engine behaviors, edge cases, and architectural gaps - with a living coverage model to show for it.

Engineering Enabler: You deliver reproducible PoCs and structured writeups with a clear capability matrix that Platform engineers can take directly into production - no translation layer needed.

• Knowledge Anchor: New research questions about your vendor domains get routed to you first. The team knows who to ask.

Key Responsibilities:

Deep Applied Research

Go beyond surface-level testing - understand why vendor security controls behave the way they do, where they deviate from standards, and where those deviations create risk.

Validate & Reproduce

Hands-on validation of security findings across web applications, APIs, and cloud-based WAF environments at the HTTP layer.

Automation Contribution

Design and continuously optimize our posture and detection playbooks. Own the detection logic for your domain.

Bridge the Gap

Build structured writeups and functional PoCs that seamlessly translate research insights into actionable engineering specifications.

Customer-Centric Research

Conduct occasional hands-on customer research tracks to uncover high-signal findings and real-world attack vectors.

Day-to-day Reality:

Deep, Focused Work: The majority of your time is spent in independent, focused research - exploring vendor logic, writing test cases, building frameworks, and documenting discoveries.

Team Alignment: Regular syncs with the Research TL to align on priorities, evolving research agenda, and cross-team dependencies.

Zero Solo Silos: You coordinate actively with Platform engineers on PoC handoffs and detection pipelines. You initiate cross-functional sessions in your domain rather than waiting for them.

Structured Pace: Research tracks are owned end-to-end, with breathing room to go deep without constant context-switching.

The Ideal candidate:

You are a methodical researcher - the kind of person who gets genuinely excited about spending a week figuring out exactly how Cloudflare's sequence rules behave under real conditions, or how Lambda@Edge can be wired to enforce security logic at the CDN layer - and coming out the other side with a clear, documented mental model the whole team can build on.

Builds for Leverage: You consistently ask "what does this unlock?" Your outputs are designed to be used - by the product, by engineering, by the team.

Owns the Domain: You develop a point of view on your research area over time, not just individual engagements. You become the authority.

Comfort with Ambiguity: A blank slate at the start of a research cycle is your natural habitat. You can scope it, structure it, and drive it to a meaningful answer.

Radical Transparency: You share early, ask sharp questions, and actively raise the quality bar for everyone around you.

Must-Have Requirements

• 6+ years as a Security Researcher.
• Vendor Research Fluency: Proven ability to independently explore a major WAF or cloud security vendor environment (Cloudflare, AWS, Azure, Akamai, etc.) from scratch - mapping rule engine behaviors, identifying gaps, and producing structured findings.
• Research Autonomy: A track record of defining research scope and methodology from an open-ended brief, not just executing on predefined tasks.
• HTTP and API Familiarity: Comfortable working at the HTTP layer - enough to understand how WAF controls interact with real traffic patterns.
• Output Quality: Demonstrated ability to produce high-leverage research artifacts: methodologies and frameworks that others build on, not just per-project findings.
• Scripting Skills: Proficiency in Python (or equivalent) to automate test cases and build lightweight research tooling.
• Communication: Strong written communication - clean, clear, and actionable findings that engineers and product can act on directly.