Security Researcher
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security Researcher operating XBOW for public bug bounty programs. Overseeing target assessments and managing attack capabilities within defined scopes.
Responsibilities:
- Ownership and execution of a continuous program running XBOW against public bug bounty programs, e.g. companies using HackerOne.
- Ownership and execution of a program running XBOW in collaboration with open-source projects (program to be launched in Q2).
- Ensuring that targets are attackable and our activities would be within their bug-bounty scope.
- Prioritizing targets based on attack surface and target value.
- Incorporation of pre-release XBOW software (e.g. new attack techniques or validators) into the program schedule.
- Managing the attack pipeline, including criteria for target prioritization and program capacity planning.
- Validating findings and submitting disclosure reports. This includes a particular responsibility to make sure that our reports are high quality, free of “AI slop”, and well received by the target company.
- Working with public bug-bounty platforms to ensure that our activity is well-understood by them and within their platform rules.
- Working with open-source communities to build a public testing program.
- Professional write-up of interesting findings or exploits, for marketing (e.g. blogs), or public presentation (e.g. Black Hat / DEFCON).
Requirements:
- Professional, hands-on, pentest or cybersecurity research skills.
- Strong professional written English with a cybersecurity focus. Researchers will have an editor available before publication, but written work should be strong enough to be edited.
- Experience working either side of a bug-bounty program.
- Professional writing in other languages.
Benefits:
- Compensation & Equity: Competitive salary and a generous equity package, making you a true owner of the company.
- Career Growth: Shape your role, lead the function, and grow with the company as we redefine cybersecurity.
- Meaningful Work: You will tackle technically complex challenges and play a pivotal role in the growth of our business, working alongside an amazing team and some of the world’s experts to shape how AI transforms cybersecurity.
Similar Jobs
Workday Security Administrator – Modernization Program
Workday Security Administrator managing security configuration and access controls for WVU. Collaborating across HR, Finance, and IT to ensure system integrity and compliance.
Security Engineer, Offensive Security
Security Engineer focusing on advanced vulnerability management and Pentesting as a service at Thrive. Collaborating with clients and ensuring high security standards while fostering trust in cybersecurity capabilities.
Cyber Security Expert – Senior Director/Analyst
Senior Director Analyst supporting national defense modernization and innovation through cybersecurity expertise. Analyzing global market trends and delivering actionable insights to executive clients.
Software Engineer – Product Security
Product Security Engineer developing and operating enterprise security controls. Collaborating with product teams at Allstate to enhance security practices.
Regional Channel Lead – Security & Identity
Channel Account Manager responsible for architecting partner ecosystems and driving revenue. Joining SecureW2's mission towards passwordless security solutions.
Senior Consultant, Penetration Testing
Senior Consultant in Penetration Testing for independent IT management and cybersecurity consultancy. Engaging in web and infrastructure penetration tests and improving client IT security.
Enterprise Account Executive, Cloud Security
Enterprise Account Executive at Foresite selling Google Cloud Security solutions. Collaborating with Google and security specialists to drive revenue growth in mid-market and enterprise accounts.
Cyber Security Engineer – Contract
Cyber Security Engineer responsible for security technologies and operational initiatives at Sunshine Enterprise. Implementing, integrating, and maintaining security technologies across a large-scale environment.
Cybersecurity Architect
Cybersecurity Architect embedding security into every phase of software development lifecycle for cloud infrastructure at Castille Resources Ltd. Designing and implementing security controls and a zero-trust environment.
Network Security Engineer
Security Engineer supporting enterprise security operations and enhancing overall security monitoring across a centralized environment. Focused on designing, tuning, and maintaining security detection rules.
Principal Consultant – Cyber/Physical Security
Principal Consultant leading Cyber-Physical Security for Bureau Veritas, offering consulting services in industrial sectors. Ensuring technical delivery excellence and guiding client engagements in cyber-physical security practices.
Lead II, Cybersecurity Defense
Cybersecurity Defense professional at Kyndryl focusing on incident response, threat hunting, and vulnerability management. Monitor infrastructure security and protect organizations from cyber threats in a supportive environment.
Director – Infrastructure Security
Director of Infrastructure Security at 1Password securing its cloud-native platform and leading a team of engineers. Responsible for setting security direction and ensuring scalable security across various systems.
Principal Information Security Engineer
Principal Information Security Engineer responsible for enterprise security tools at Fifth Third Bank. Advancing Zero Trust strategies and mentoring junior team members in a virtual environment.
Project Manager, Security Questionnaire
Project Manager at Workstreet overseeing multiple client engagements in security compliance. Managing Jira workflows and collaborating with cross-functional teams in a remote-first culture.
Security Authorization Specialist
Security Authorization Specialist managing FedRAMP compliance for the Game Warden platform. Collaborating with cross-functional teams to ensure security and regulatory requirements are met.
Product Security Compliance Lead
Product Security Compliance Lead at Second Front Systems ensuring security architecture and compliance programs. Leading a team in security accreditation efforts and driving innovation in compliance processes.
Senior Cybersecurity Engineer, Advanced Security
Join Presidio as a Senior Cybersecurity Engineer to architect and optimize cutting-edge security solutions. Mentor talent while collaborating to innovate threat detection and response capabilities.
Security Engineer – AI
Security Engineer AI implementing and operating security controls for cloud platforms and AI tools. Focused on Cloud Applications security and custom AI integrations.
Senior Cybersecurity Engineer, Advanced Security
Senior Cybersecurity Engineer responsible for architecting and deploying innovative cybersecurity solutions at Presidio. Collaborating with enterprise clients and leading security transformation projects.