Staff Security Researcher (Cybersecurity)

TL;DR

Staff Security Researcher (Cybersecurity): Driving the evolution of an identity security platform by combining security research with engineering practices with an accent on threat detection and identity-based attack vectors. Focus on building large-scale entitlement graph systems, implementing advanced analytics, and translating research into production-ready systems.

Location: Remote (Canada or United States)

Company

hirify.global is a global identity security leader protecting paths to privilege through a comprehensive cybersecurity SaaS portfolio.

What you will do

• Conduct original security research to identify emerging identity attack vectors and develop novel detection methodologies.
• Design and implement advanced analytics, including rule-based systems, behavioral analysis, and machine learning models for threat detection.
• Build and optimize large-scale entitlement graph systems to map privilege escalation paths across customer environments.
• Integrate AI into engineering workflows and design custom data representations to support advanced analytical capabilities.
• Analyze large-scale customer datasets using Spark and Databricks to validate detection hypotheses and uncover threat patterns.
• Provide technical leadership and mentorship to teams while publishing research and presenting at industry conferences.

Requirements

• Strong engineering background in developing and maintaining production security systems.
• Experience with SIEM tools, log analysis platforms, or similar security data systems.
• Knowledge of adversarial tactics, techniques, and procedures (TTPs) and defensive strategies.
• Background in security research focusing on cloud, identity/IAM, or AI.
• Experience engineering event detection and response systems with a focus on tuning and optimization.
• Must be based in Canada or the United States.

Nice to have

• Big data processing experience with Apache Spark, Databricks, or similar distributed platforms.
• Published security research findings or a track record of speaking at technical conferences.
• Knowledge of cloud security, containerization (Docker, Kubernetes), and graph databases.
• Familiarity with machine learning applications in cybersecurity.
• Deep expertise in Active Directory or low-level Windows internals.

Culture & Benefits

• Culture based on flexibility, trust, and continual learning.
• Environment that recognizes individual growth and the impact made on company success.
• Supportive community that encourages professional and personal development.
• Strong commitment to diversity and inclusion in team building and leadership.