Senior Security Researcher Remote US

About the RoleWe are looking for a Senior Security Researcher to lead our offensive security research efforts in the domain of software supply chain security. This is a unique opportunity to work at the forefront of secure SDLC and software supply chain security, identifying zero-day vulnerabilities in software artifacts and CI/CD systems, analyzing attack trends, and influencing the next generation of security capabilities in our products.This role requires deep technical expertise in vulnerability research, application security, reverse engineering, and offensive security techniques. The ideal candidate will also play a key role in publishing groundbreaking research through blogs, white papers, and speaking engagements at top security conferences.How You'll Make an ImpactConduct offensive security research on software supply chain threats, identifying and analyzing zero-day vulnerabilities.Develop and refine exploit techniques to understand modern attack vectors targeting software supply chain through malicious code, 3rd party libraries, and CI/CD systems.Work closely with Product Management to translate research findings into innovative security capabilities within Endor Labs' products.Publish research findings through technical blogs, white papers, and industry-leading security conferences.Collaborate with security engineers and developers to prototype and implement detection and mitigation strategies for emerging threats.Contribute to the security community by developing open-source tools, methodologies, or frameworks that enhance software supply chain security.Stay ahead of the latest threats, attacker methodologies, and evolving security trends to continuously refine our research efforts.What You Bring to the Table5+ years of experience in security research, vulnerability discovery, and offensive security.Deep expertise in reverse engineering, exploit development, and software vulnerability analysis.Strong understanding of software supply chain security, including package management systems, CI/CD pipelines, and dependency analysis.Experience discovering and responsibly disclosing zero-day vulnerabilities.Proven track record of publishing high-quality research or presenting at top security conferences (e.g., Black Hat, DEF CON, RSAC, BSides).Proficiency in programming languages such as Python, Rust, or Go.Strong analytical skills and the ability to conduct complex security research autonomously.Excellent communication skills, both written and verbal, to convey technical concepts to diverse audiences.Work with a world-class team dedicated to pushing the boundaries of security research.Directly influence the security of modern software supply chains.A culture that values innovation, collaboration, and continuous petitive compensation, flexible work environment, and a generous benefits package.Opportunity to present groundbreaking research and contribute to the global security community.If you are excited about making a real impact in cybersecurity and shaping the future of software supply chain security, we’d love to hear from you!Apply now to join our team of world-class security experts! #J-18808-Ljbffr

Created: 2025-09-17