← Back to all jobs
C

Security Researcher

CommIT

3h ago

0OtherArmeniahimalayas
Security-ResearcherCybersecurity-ResearchMalware-AnalysisSupply-Chain-SecurityApplication-SecuritySenior-Security-ResearcherPrincipal-Security-ResearcherStaff-Security-ResearcherSenior

Job Description

DescriptionCompany is the pioneer of Active ASPM, purpose-built to secure the modern software supply chain in the age of AI. While traditional tools overwhelm teams with endless alerts, cuts through the noise to identify the critical 5% of risks — those that are truly reachable and exploitable. From GenAI-generated code to cloud runtime, company gives developers and security teams the visibility and automation needed to ship secure software, faster.We're looking for a highly skilled, driven Security Researcher to join our research group to analyze supply chain attacks, dissect malware, and build open-source tools. This is a high-impact role: you'll work with cross-functional teams to scan and protect users and organizations worldwide from the hottest cyber threats, playing a key part in shaping the future.RequirementsMust-Have Skills:5+ years of experience as a Cybersecurity Researcher (supply-chain attacks, malware analysis)Familiarity with open-source registry ecosystems (npm, PyPI, Maven) and their respective attack surfacesProven ability to ship software in a production environmentStrong understanding of the SDLC and modern CI/CD pipelinesComfortable leveraging AI tools to optimize research and development processesProactive and independent mindset, with the ability to take full ownership of projectsNice to Have:Active contributions to open-source security tools or research projectsHands-on experience with decompilers, debuggers, and network traffic analysisAdvanced malware analysis experience (obfuscation, encryption, anti-analysis, and sandbox-evasion techniques)Web application penetration testing experiencePublished CVEs, coordinated disclosures, writeups, blogs, or research papersExperience public speaking at major industry conferences (e.g., Black Hat, DEFCON, RSAC)A genuine passion for cybersecurity, open-source communities, and solving complex ecosystem threatsOriginally posted on Himalayas