עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
מלאה
25,000-40,000 ₪
We are looking for a Security Researcher who thrives on both sides of the fence. You will develop offensive tradecraft-discovering new attack vectors and writing exploits-then use that perspective to engineer robust, product-level mitigations. If youre energized by finding a novel browser attack on Monday and shipping the defense for it by Friday, this role is for you.
Key Responsibilities
Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows.
Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings; close the loop from attack to protection.
Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments.
Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses).
Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries.
Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs.
Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.).
Key Responsibilities
Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows.
Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings; close the loop from attack to protection.
Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments.
Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses).
Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries.
Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs.
Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.).
Requirements:
5+ years of experience in at least one of the following: security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
Offensive security mindset with the ability to flip to the defensive side - finding attacks and building mitigations
Strong analytical skills - comfortable digging into unfamiliar code, protocols, or systems and figuring out how they break
Familiarity with operating system internals (Windows and/or macOS)
Hands-on experience with reverse engineering or dynamic/static analysis tools
Ability to write code for automation, tooling, and proof-of-concepts
Strong written and verbal communication - ability to write compelling research and present at conferences
Nice to have:
Solid understanding of web and browser security fundamentals
Experience with browser internals or browser extension security
Background in endpoint security, EDR, or DLP
Experience with static analysis tools (Semgrep, CodeQL, Joern, or similar)
Knowledge of software supply-chain attack patterns
Published security research - blog posts, CVEs, or conference talks (Black Hat, DEF CON, BSides, etc.)
5+ years of experience in at least one of the following: security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
Offensive security mindset with the ability to flip to the defensive side - finding attacks and building mitigations
Strong analytical skills - comfortable digging into unfamiliar code, protocols, or systems and figuring out how they break
Familiarity with operating system internals (Windows and/or macOS)
Hands-on experience with reverse engineering or dynamic/static analysis tools
Ability to write code for automation, tooling, and proof-of-concepts
Strong written and verbal communication - ability to write compelling research and present at conferences
Nice to have:
Solid understanding of web and browser security fundamentals
Experience with browser internals or browser extension security
Background in endpoint security, EDR, or DLP
Experience with static analysis tools (Semgrep, CodeQL, Joern, or similar)
Knowledge of software supply-chain attack patterns
Published security research - blog posts, CVEs, or conference talks (Black Hat, DEF CON, BSides, etc.)
This position is open to all candidates.
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
משרות נוספות מומלצות עבורך
-
Senior Security Researcher Identity & SaaS (Cortex Cloud)
-
תל אביב - יפו
Palo Alto Networks
-
-
vulnerability researcher - 2600
-
תל אביב - יפו
Shabak - Israeli Security Agency - Career
-
-
Security Researcher
-
תל אביב - יפו
Huskeys
-
-
Security Researcher
-
תל אביב - יפו
Medulla
-
-
Security Researcher - Relocation to USA
-
תל אביב - יפו
Snatch UP
-
-
Security Researcher
-
תל אביב - יפו
Gotfriends
-
