Security Research Engineer

Position Overview

We are seeking a highly skilled Security Research Engineer to join our team and drive security excellence across our products and open source initiatives. This role combines hands-on security research, product development collaboration, and community engagement to strengthen both our internal security posture and the broader security ecosystem.

Key Responsibilities

Benchmark Development & Product Testing

• Design and develop comprehensive security benchmarks and testing frameworks for our products
• Create automated testing suites to evaluate product security capabilities against industry standards
• Conduct regular security assessments and penetration testing of our products
• Analyze test results and provide actionable recommendations for security improvements
• Maintain and evolve testing methodologies to address emerging threats and vulnerabilities

Cross-functional Engineering Collaboration

• Partner closely with engineering teams to integrate security considerations into product development
• Provide security expertise during architecture reviews and design phases
• Guide implementation of security features and capabilities within our core product
• Collaborate on user experience improvements that enhance security without compromising usability
• Participate in code reviews with a focus on security best practices

Open Source Security Leadership

• Lead our open source security program by identifying vulnerabilities in relevant projects
• Conduct thorough vulnerability research and verification across open source dependencies
• Establish and maintain relationships with open source project maintainers
• Coordinate responsible disclosure processes and work with maintainers on remediation
• Contribute security patches and improvements back to the open source community
• Monitor security trends and emerging threats in the open source ecosystem

Security Audit & Compliance

• Conduct comprehensive audits of our internal security procedures and policies
• Assess compliance with industry standards and regulatory requirements
• Identify gaps in security controls and recommend remediation strategies
• Develop and maintain security documentation and procedures
• Support security incident response and post-incident analysis

Required Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience
• 5+ years of experience in security research, vulnerability assessment, or related fields
• Strong programming skills in multiple languages (Python, Go, JavaScript, C/C++)
• Deep understanding of common vulnerability classes (OWASP Top 10, CVE patterns)
• Experience with security testing tools and frameworks (Burp Suite, OWASP ZAP, custom tooling)
• Proven track record of vulnerability research and responsible disclosure
• Experience with open source software development and community engagement
• Strong written and verbal communication skills for technical and non-technical audiences

Preferred Qualifications

• Advanced degree in Computer Science, Cybersecurity, or related field
• Security certifications (CISSP, CEH, OSCP, or equivalent)
• Experience with cloud security and containerized environments
• Knowledge of compliance frameworks (SOC 2, ISO 27001, PCI DSS)
• Previous experience leading security programs or initiatives
• Active participation in security research communities and conferences
• Experience with security automation and DevSecOps practices

What We Offer

• Competitive salary and equity package
• Comprehensive health, dental, and vision insurance
• Flexible work arrangements and remote work options
• Professional development budget for conferences, training, and certifications
• Opportunity to present research at industry conferences
• Collaborative environment with cutting-edge technology
• Direct impact on product security and open source community

Reports To

CEO / CTO

We are an equal opportunity employer committed to diversity and inclusion. We welcome applications from all qualified candidates regardless of race, gender, age, religion, sexual orientation, or disability status.