Security Research

We offer the industry's only platform that fuses customer identity and anti-fraud solutions – customer identity management, identity verification, and fraud prevention.

We sell to industries with large, consumer-facing businesses such as: banking, financial services, insurance, fintech, gaming, ecommerce/retail, telco / media, utilities, etc.

About the Role:

Transmit Security is a top player in its field and is heading into an exciting year. In this role, you will take an integral part in researching, designing, and improving advanced fraud and abuse detection capabilities for a cutting-edge SaaS product.

We are looking for a hands-on security researcher who combines an attacker mindset, fraud-domain curiosity, strong technical depth, and data analysis skills. You will investigate real-world fraud patterns, reproduce attacker techniques, analyze telemetry, enrich our data collection capabilities, discover new security signals, and work closely with product, data, and engineering teams to turn research insights into production-grade detection and prevention mechanisms.

This role is especially relevant for researchers with experience in browser technologies, mobile-native applications, or both. You may work on desktop and mobile browsers, browser APIs, browser automation, client-side signals, native mobile applications, Android/iOS behavior, mobile security, emulators, device signals, and mobile automation.

You will help expand our visibility into new signals and patterns that improve fraud detection, model performance, and customer protection.

If you are a talented researcher who enjoys solving complex problems, working with messy real-world data, and building practical defenses against modern fraud and abuse, we want you to join our team.

What you'll do:

Research emerging fraud and abuse techniques across account takeover, bots, automation, phishing, social engineering, device spoofing, emulators, remote access tools, suspicious network infrastructure, and related attack vectors.
Identify, design, and validate new data collection opportunities, security signals, behavioral patterns, device indicators, browser indicators, and mobile app indicators.
Analyze real-world telemetry, customer-provided labels, behavioral signals, device signals, network indicators, and attack patterns to identify detection opportunities.
Reproduce attacker techniques in lab and production-like environments, generate telemetry, identify detection gaps, and translate findings into detection logic.
Design, validate, and tune detection and prevention mechanisms with attention to coverage, explainability, false positives, customer impact, and production stability.
Build research infrastructure, analysis workflows, and internal tools using Python.
Produce robust data features that can later be used by machine learning models, detection logic, rules, dashboards, and customer-facing insights.
Work with model training pipelines, evaluate model behavior, compare training and validation results, and help determine whether new features improve detection quality.
Collaborate closely with data science, engineering and product, teams to take ideas from research hypothesis through validation, implementation, monitoring, and production feedback.
Stay up to date with fraud trends, attacker tooling, automation frameworks, browser abuse techniques, mobile abuse techniques, malware behavior, phishing techniques, and underground ecosystem developments.
Communicate findings clearly to technical and non-technical stakeholders, including recommended actions, tradeoffs, expected impact, and model/detection quality considerations.

What you'll need:

At least 3 years of experience in security research, fraud research, detection engineering, threat research, mobile security research, browser security research, or a similar hands-on technical role.
Bachelor's degree in Computer Science, Cybersecurity, Data Science, or a related field or equivalent hands-on experience.
Strong hands-on experience with at least one of the following areas:
Desktop or mobile browsers, browser APIs, browser automation, browser fingerprinting, web signals, or client-side web security.
Native mobile applications for Android or iOS, mobile OS behavior, device signals, emulators, mobile automation, app instrumentation, or mobile security.
Strong understanding of web technologies, mobile technologies, APIs, application behavior, and modern attack techniques.
Strong Python skills and experience building research tools, automation, data analysis workflows, detection prototypes, or feature engineering pipelines.
Experience analyzing messy real-world data, investigating anomalies, validating hypotheses, and drawing practical conclusions from incomplete information.
Familiarity with machine learning training and validation concepts, such as train/test split, validation sets, overfitting, leakage, feature quality, precision/recall, false positives, false negatives, and model evaluation.
Ability to produce data features in a structured, reliable, and model-friendly way.
Ability to think like an attacker while designing reliable, scalable, and explainable defenses.
Strong problem-solving skills, independence, persistence, and a "getting things done" attitude.
Excellent communication and interpersonal skills.
Ability to work closely with engineering, product, and data science teams and translate research insights into practical product capabilities.

#LI-AM1 #LI-Hybrid

#LI-TL1 #LI-Hybrid