Senior Security Researcher

What You’ll Do

Principal Security Researcher to join the CTO’s security research team. We are seeking a Principal Security Researcher who will lead complex research initiatives, apply techniques to incidents to refine them, and collaborate across engineering, data science, and threat intelligence teams to shape the future of cyber defense. This principal level position will drive the discovery and development of cutting-edge techniques to detect, analyze, and prevent cyber attacks. We are looking to create mechanical advantage with new methods to uncover attacks.

Who You’ll Work With

You will partner with threat hunters, security contractors and full time employees on attack detection.

Who You Are

An individual that loves learning new things. Someone who is not afraid of picking up new programming languages and jumping into new code on a regular basis. Someone who is interested in picking up and learning new security technologies.

Required Skills:

"Security testing through a testing technique known as Fuzzing
Must be able to understand when to use Mutation-based, Coverage-based & Grammar-based fuzzing.
Proficient with tools such as AFL++, libFuzzer, Honggfuzz, Sulley
Able to develop custom test harnesses for testing specific APIs or entry points at scale
Able to debug crashes and identify root causes within x86 and ARM environments
Potentially create exploits based on crashes
Understand binary layouts and memory safety vulnerabilities
Proficient with Container security escapes and hardening efforts
Demonstrated understanding of attacker tradecraft especially attacks in the cloud (such as Entra, Azure, and M365).
Proficiency in scripting or programming in languages such as Python.
Proficiency in cloud query languages such as Kusto.
Experience communicating/presenting to an executive audience on complex research that generates actionable insights.
 

Highly Desired Skills:

15+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection 
OR Doctorate in Statistics, Mathematics, Computer Science or related field
Experience identifying malicious activity in a detection system at scale to protect an environment, product, or service
Invent and develop novel detection methods for identifying cyber attacks.
Lead in-depth research projects on emerging attack vectors, tactics, and techniques used by advanced threat actors.
Familiarity with graph analytic techniques applied to the cyber domain
Leverage machine learning, statistical analysis, and other analytics to uncover stealthy and sophisticated threats