Senior Security Researcher
Вакансия из Hirify Global, списка международных tech-компанийДля мэтча и отклика нужен Plus
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Senior Security Researcher (Browser Security): Discover new attack vectors in browsers, OS internals, and enterprise workflows and engineer robust mitigations with an accent on offensive tradecraft and defensive engineering. Focus on vulnerability analysis, malware reverse engineering, web security primitives, and supply-chain threats.
Location: Tel Aviv
Company
is the Enterprise Browser, a secure workplace for modern enterprises with complete control, visibility, and governance embedded in Chromium-based browsing.
What you will do
- Conduct offensive research to discover attack vectors, abuse patterns, and security gaps in browsers, web apps, OS internals, and workflows.
- Design and implement detections, mitigations, and policies based on your findings to close the attack-to-protection loop.
- Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments.
- Research web and browser security techniques from XSS/SSRF to extension abuse and DOM manipulation.
- Investigate supply-chain threats in extension marketplaces and package registries.
- Correlate threat intelligence signals to identify malicious infrastructure and adversary TTPs.
- Publish technical blog posts and present at conferences like Black Hat and DEF CON.
Requirements
- 5+ years in security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
- Offensive security mindset with ability to build mitigations
- Strong analytical skills for unfamiliar code, protocols, or systems
- Familiarity with Windows and/or macOS internals
- Hands-on reverse engineering or dynamic/static analysis tools experience
- Ability to write code for automation, tooling, and PoCs
- Strong written and verbal communication for research and conferences
Nice to have
- Understanding of web and browser security fundamentals
- Experience with browser internals or extension security
- Background in endpoint security, EDR, or DLP
- Experience with static analysis tools like Semgrep, CodeQL, Joern
- Knowledge of software supply-chain attack patterns
- Published research: blog posts, CVEs, conference talks
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →
Похожие вакансии
Threat Detection Researcher (Windows/Linux) (Cybersecurity)
Senior Malware Researcher (Cybersecurity)
Security Researcher (Cybersecurity)
Senior Threat Engineer - Detection (Cybersecurity)
Malware Researcher - CTI (Cybersecurity)