RemoteLeaf Logo
Log in Sign up

Senior Security Researcher

2 weeks, 6 days ago
India
Full-time
Senior
Penetration Tester
Cybersecurity
Cybersecurity GitHub Actions Go Java JavaScript LLM Maven PHP Python Ruby Rust TypeScript
Apply Now
Point Wild

Point Wild

Point Wild specializes in providing comprehensive online security solutions, including consumer VPN and antivirus services, while also supporting businesses with tools to enhance customer retention and address data breaches.

Internet Software & Services
View All Jobs 8

Description

  • Design detection systems that scan open-source packages and container images at scale for malicious behavior.
  • Hunt novel malicious packages, typosquats, dependency confusion attempts, compromised maintainers, and CI/CD abuse patterns.
  • Coordinate vulnerability disclosures with maintainers, foundations, registries, GitHub Security Advisories, and OSV.
  • Build internal tooling with static analysis and AI models to triage findings, summarize package diffs, and cluster related campaigns.
  • Publish technically rigorous blog posts about significant findings to establish thought leadership and community engagement.
  • Tune detection signals, reduce false positives, and develop countermeasures against sandbox evasion techniques.
  • Turn detection findings into actionable intelligence for customers and internal stakeholders.

Requirements

  • 4+ years of security research experience with published CVEs, GHSAs, or equivalent advisories.
  • Deep expertise in multiple vulnerability classes, including malicious packages, RCE, prototype pollution, deserialization, SSRF, auth bypasses, and CI/CD attack paths.
  • Experience designing and operating detection, scanning, or analysis pipelines at scale that run continuously and produce actionable signal.
  • Strong programming skills in TypeScript, Python, Go, or Rust.
  • Ability to read code across multiple languages, including JavaScript, Ruby, Java, and PHP.
  • Proven track record of writing high-quality technical blog posts quickly.
  • Hands-on experience using LLMs as research tools.
  • Contributions to OpenSSF, OSV, Sigstore, SLSA, or adjacent open source security projects are a plus.
  • Reverse engineering experience with obfuscated JavaScript droppers, packed binaries, or malicious post-install scripts is a plus.
  • Conference speaking experience at DEF CON, Black Hat, BSides, OffensiveCon, or Kaspersky SAS is a plus.

Benefits

  • Opportunity to solve real customer problems in a cybersecurity-focused company.
  • High impact role where individual contributions are visible and valued.
  • Fast-paced, growth-oriented environment with opportunities to learn new technologies, products, and markets.
  • Work with talented teammates in an inclusive culture where people matter.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Belmont Lavan

Oracle Security & Controls consultant 6 Months Contract

Belmont Lavan 11-50 Professional Services

Belmont Lavan Ltd is hiring an Oracle Security & Controls Consultant for a 6-month contract to assess, design, and implement security controls across Oracle environments that support data integrity, confidentiality, and regulatory compliance.

Sweden Denmark Contract Mid Level Database Administrator Penetration Tester
Oracle
13 hours, 27 minutes ago
BHG Financial

Senior Information Security GRC Specialist

BHG Financial 1K-5K Diversified Financial Services

BHG Financial is hiring a Senior Information Security GRC Specialist to lead enterprise business continuity and disaster recovery efforts while supporting risk and compliance initiatives for its financial services operations.

United States Full-time Senior Penetration Tester
13 hours, 27 minutes ago
Bridewell

Senior Penetration Tester

Bridewell 251-1K Internet Software & Services

Bridewell is hiring a Senior Penetration Tester to deliver client-facing offensive security assessments across web applications, APIs, and infrastructure while supporting reporting, pre-sales, and service development.

United Kingdom Full-time Senior Penetration Tester
AWS Azure Bash Cybersecurity GCP LLM Penetration Testing PowerShell Python
13 hours, 42 minutes ago
M

Pentester, Offensive Forward Deployment Engineer

Mistral AI 201-500 Artificial Intelligence

Mistral AI is hiring a hands-on Pentester for its Offensive Security team to run real client engagements, uncover vulnerabilities in Mistral’s systems and external targets, and help shape AI-assisted offensive security capabilities.

France United Kingdom Full-time Senior Penetration Tester
Active Directory AWS Azure CI/CD GCP Penetration Testing
13 hours, 57 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers