Principal Security Researcher

Spellbook is a comprehensive AI copilot for transactional lawyers. It helps legal teams draft, review, and negotiate contracts up to 10x faster and with greater precision. The company is backed by leading investors and has raised $50 million in Series B funding. They are looking for a Principal Security Researcher to protect the trust of their users.RequirementsStrong experience in application security, red teaming, penetration testing, vulnerability research, product security, or offensive security.Hands-on experience testing modern web applications, APIs, authentication flows, authorization models, cloud services, and distributed systems.Experience developing proof-of-concept exploits or clear technical demonstrations to validate security impact.Firm grasp of common software security risks, secure design principles, identity and access controls, data protection, and secure development practices.Experience partnering with engineering, product, or R&D teams to triage, prioritize, and remediate vulnerabilities end-to-end.Excellent written and verbal communication skills, with the ability to write clear technical reports, executive summaries, remediation guidance, and public-facing research.Strong judgment around responsible disclosure, customer impact, confidentiality, and coordinated communication.Pragmatic at distinguishing theoretical risk from practical risk, with the instinct to help teams focus on what matters most.BenefitsGenerous Paid Time OffAccess to company-paid group benefits for you and your family, with $1,000 towards mental health supportMonthly paid mealsAnnual wellness allowance to support your well-beingParental leave top-ups as your family growsCompetitive stock option grants as a pivotal early employeeOriginally posted on Himalayas