
Lead Security Researcher

India, Pune · Job Posted March 21, 2026

Job Description

Rapid7's Vulnerability Intelligence team does industry-leading attack research that prioritizes and uncovers risk for organizations worldwide. We’re looking for an experienced vulnerability researcher to contribute to overall team goals, helping defenders get ahead of the curve on emergent threats, and keeping Rapid7 top of mind for industry audiences. You’ll work with a skilled group of technical and cross-team leaders who are highly collaborative and deeply embedded in the security community.

Job Responsibility

  • Work with the broader Vulnerability Intelligence team to support day-to-day research operations, including coordinated vulnerability disclosures and rapid responses to major security incidents
  • Perform and publish root cause analyses of high-priority vulnerabilities and potential threats that highlight Rapid7’s attacker-focused approach to vulnerability intelligence
  • Develop and publish new exploits and attack techniques, working alongside the Metasploit team to incorporate them into Metasploit Framework as needed
  • Conduct zero-day vulnerability research against popular enterprise technologies (e.g., network appliances, VPN gateways, CI/CD servers, file transfer and backup solutions, etc.)
  • Advise our security and threat detection engineers as they develop vulnerability checks, fingerprints, and detections
  • Contextualize risk and explain attack patterns to cross-team technical stakeholders

Requirements

  • 10+ years of experience with common vulnerability classes and exploitation techniques (e.g., command injection, deserialization, etc.)
  • Experience producing vulnerability root cause analyses (or other technical writing on vulnerabilities and exploits)
  • Hands-on experience reverse engineering, patch diffing, and developing exploits
  • Familiarity with common security research tooling (e.g., IDA, Ghidra, Binary Ninja, Burp Suite, etc.)
  • An instinct for where and how to obtain or emulate vulnerable software
  • Deep empathy for the challenges that security teams and global organizations face in today's threat climate
  • Willingness to listen, mentor, and collaborate across teams

Nice to have

  • Prior experience developing Metasploit modules is a plus
  • Prior experience reverse engineering at least one common enterprise software development language (e.g. Java, .NET, C/C++) is also a plus


Similar Jobs for Lead Security Researcher

8 matching positions

Principal/ Senior Security Researcher Linux & API Security EDR

Are you an innovative security researcher with a deep understanding of Linux sys...
Location: Israel, Tel Aviv
Salary: Not provided
Palo Alto Networks Italia
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in cybersecurity research, with a proven track record of impactful projects
  • Good knowledge of Linux OS internals, including both user and kernel space
  • Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs
  • Hands-on experience in real-world threat hunting, incident response, or detection engineering
  • Proficiency in programming languages such as Python, C, and/or C++, with a strong understanding of system-level programming and APIs
  • Excellent problem-solving skills and a passion for cybersecurity innovation
  • Ability to work independently, take initiative, and collaborate effectively in a team environment
Job Responsibility
  • Play a pivotal role in shaping the future of our security solutions
  • Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules
  • Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms
  • Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base
  • Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert
  • Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems
  • Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies
  • Collaborate closely with engineering, product management, and other research teams to translate research findings into production features
  • Fulltime

Principal/ Senior Security Researcher Linux & API Security EDR (Cortex)

Are you an innovative security researcher with a deep understanding of Linux sys...
Location: Israel, Tel Aviv
Salary: Not provided
Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in cybersecurity research, with a proven track record of impactful projects
  • Good knowledge of Linux OS internals, including both user and kernel space
  • Solid knowledge of the cyber threat landscape, modern malware techniques, and APTs
  • Hands-on experience in real-world threat hunting, incident response, or detection engineering
  • Proficiency in programming languages such as Python, C, and/or C++, with a strong understanding of system-level programming and APIs
  • Excellent problem-solving skills and a passion for cybersecurity innovation
  • Ability to work independently, take initiative, and collaborate effectively in a team environment
Job Responsibility
  • Play a pivotal role in shaping the future of our security solutions
  • Enhance product effectiveness by designing advanced protection components and developing sophisticated detection rules
  • Research Linux OS internals, virtualized environments, and malware behaviors to inform and strengthen our attack prevention mechanisms
  • Apply advanced AI and big data approaches to investigate and analyze large-scale datasets across our client base
  • Lead research on novel protection concepts and bring them to production-grade quality, serving as a subject matter expert
  • Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs targeting Linux systems
  • Conduct static and dynamic reverse engineering of Linux malware to uncover new techniques and develop mitigation strategies
  • Collaborate closely with engineering, product management, and other research teams to translate research findings into production features
  • Fulltime

Principle Security Researcher

This role focuses on advancing state-of-the-art vulnerability research through a...
Location: South Korea, Seoul
Salary: Not provided
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Proven expertise in vulnerability research, including identifying, analyzing, and validating complex software vulnerabilities
  • Strong systems background (e.g., OS internals, compilers, networking, or distributed systems)
  • Experience with exploit development and proof-of-concept validation
  • Demonstrated experience building or applying AI/ML techniques to security problems (e.g., bug finding, program analysis, fuzzing)
  • Ability to design and implement scalable security analysis systems or pipelines
  • Strong programming skills (e.g., C/C++, Python, Rust, or similar)
  • Track record of impactful security contributions (e.g., CVEs, research publications, or production systems)
  • Ability to translate research ideas into practical tools or product-ready capabilities
  • Strong collaboration and leadership skills, including mentoring and cross-team influence
Job Responsibility
  • Technical Leadership in Vulnerability Research
  • Leads advanced vulnerability research across diverse software systems
  • Designs and develops scalable security analysis methodologies
  • Drives systematic identification, validation, and root-cause understanding of vulnerabilities
  • Shapes research direction and technical strategy for the team
  • Mentors engineers and elevates overall technical rigor
  • Translates research findings into real-world security impact across Microsoft and open-source ecosystems
  • AI-Driven Bug Finding and Exploit Generation
  • Develops AI-powered systems for automated bug discovery and validation
  • Improves precision, coverage, and reliability of vulnerability detection
  • Fulltime

Senior Security Researcher Identity & SaaS (Cortex Cloud)

Are you passionate about dissecting the intersection of Identity, SAAS, and Clou...
Location: Israel, Tel Aviv
Salary: Not provided
Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience
  • Strong understanding of modern adversary TTPs and attack methodologies
  • Experience with designing and executing simulated attack scenarios in lab environments
Job Responsibility
  • Lead ongoing investigations into the risks associated with SaaS, Identity and Cloud platforms, focusing on how these services are integrated within broader environments
  • Analyze the functional 'how-to' of cloud services to identify inherent risks and develop robust strategies for secure implementation and usage
  • Stay ahead of the curve by researching real-world attacker methodologies and translating these behaviors into practical mitigation strategies
  • Design and execute high-fidelity attack simulations in lab settings to observe adversarial behavior firsthand, specifically focusing on identity-based and SaaS
  • Create comprehensive research outcomes that guide customers on how to use services securely from the ground up
  • Foster a culture of excellence within a diverse team of experts, sharing insights that influence the next generation of cloud and identity security products
  • Fulltime

Security Researcher Manager - Cloud & Kubernetes (Cortex)

We're looking for a Manager to lead a security research team for detection and r...
Location: Israel, Tel Aviv
Salary: Not provided
Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 2+ years in a leadership or management role, including mentoring researchers and setting research strategy
  • 5+ years in security research with a proven track record of driving impactful projects
  • Deep expertise in cloud-native security, with strong focus on Kubernetes, containers, and major cloud providers (AWS, Azure, GCP, OCI)
  • Experience developing or working with detection and response products, such as XDR, EDR, or cloud workload protection platforms
  • Excellent communication skills, with the ability to articulate complex research findings and drive alignment across diverse teams
  • Proficient in hands-on coding and scripting (e.g., Python)
  • Experience working with large-scale data pipelines and analytics (e.g., GCP BigQuery, Dataflow)
Job Responsibility
  • Manage a team of security researchers conducting research on attacks against cloud data, Kubernetes and containers
  • Lead, mentor, and grow a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure
  • Drive the strategy and execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments
  • Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms
  • Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts
  • Oversee simulation of real-world attacks and deep behavioral analysis to inform and validate detection content
  • Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions
  • Represent the team and share insights with the security community through blogs, conference talks, and publications
  • Fulltime

Sr Principal/Principal Windows Malware Security Researcher

We are looking for a Windows Malware Security Researcher for our Tel Aviv R&D ce...
Location: Israel, Tel Aviv
Salary: Not provided
Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • At least 5 years of experience in the cyber security research domain
  • In-depth knowledge of Windows operating system internals (both user-mode and kernel-mode) - at least 3 years of hands-on research experience
  • In-depth knowledge of C/C++, with hands-on development experience using C/C++ (Win32 API) in a Windows environment
  • Experience with anti-RE techniques such as anti-debug, anti-VM, unpacking, etc.
  • Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques
  • Strong dynamic analysis skills with hands-on experience using debuggers such as WinDbg, x64dbg, OllyDbg, or similar
  • Strong static analysis skills with hands-on experience using disassemblers such as IDA Pro and Ghidra
  • Proficiency in Python
  • Knowledge of networking and internet protocols
  • A major advantage to candidates with at least 2 years of experience in at least one of the following: EDR/XDR products, Windows kernel development, low-level security solution development, Windows exploitation, or vulnerability research
Job Responsibility
  • Playing a pivotal role in shaping the future of our security solutions
  • Enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
  • Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
  • Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
  • Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level), or improve existing mitigation capabilities
  • Respond to malware-based security events at clients' networks
  • Stay up to date with current malware and APT techniques
  • Provide feedback to the product management team on new feature requests and product enhancements from our customer base
  • Find new malware techniques and APT attacks, including analysis of caught-in-the-wild malware
  • Operate independently end-to-end - from initial threat idea, through research and POC, to handing off a production-ready design to core agent engineering with clear specs, test cases, and edge-case analysis
  • Fulltime

Information Security Lead Analyst

Location: Hungary, Budapest
Salary: 17157800.00 - 28767800.00 HUF / Year
Citi
Expiration Date: Until further notice
Requirements
  • 6-10 years of relevant experience
  • Additional technical certifications are preferred
  • Demonstrated ability to research and apply current information regarding the IS field
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor's degree/University degree or equivalent experience
  • Master's degree preferred
Job Responsibility
  • Develop corrective action language for Information Security (IS) gaps and ensure risk closure meets Citi requirements or industry best practices
  • Facilitate the implementation of approved IS tools and identify/recommend new or improved security solutions or emerging technologies
  • Mitigate risk by analyzing the root cause of issues, impacts to business, and required corrective actions and develop security solutions
  • Ensure IS compliance and seek opportunities to enhance the efficiency of IS policies and procedures
  • Identify significant IS threats and vulnerabilities, and define appropriate controls for discovered threats, documenting the business response
  • Disseminate changes to IS regulations and standards to Business and Program owners
  • Provide Information Security advice and counsel as needed
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work-life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime

Information Security Lead

We’re hiring a Lead of Information Security, reporting to the VP of Technical Op...
Location: United States, Philadelphia
Salary: Not provided
Proscia
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in information security, including direct experience improving, and contributing to GRC programs
  • Proven expertise in regulatory frameworks such as ISO 27001, SOC 2, GDPR, HIPAA, FedRAMP, TX-RAMP, StateRAMP or similar
  • Hands-on experience with vulnerability management tools, incident response, and security audits
  • Experience embedding security into software development lifecycles—DevSecOps principles applied in practice
  • Experience selecting, implementing, and managing security tooling (e.g., XDR, SIEM, endpoint, code scanning, etc.)
  • Exceptional communication and influencing skills across technical and non-technical teams
  • A high degree of autonomy and ownership—comfortable leading cross-functional efforts and prioritizing in a dynamic environment
  • You already use AI tools in your security work—for policy drafting, threat analysis, log review, control validation, or however it fits your practice
  • Experience with cloud-native environments (AWS preferred)
  • Experience building with or on top of LLMs, AI agents, or agentic pipelines
Job Responsibility
  • Manage and evolve vulnerability management—tooling, reporting, and remediation governance
  • Serve as a consultative security leader for Engineering, Product, and Customer teams—governing system designs, architecture, and implementation through a security-first lens
  • Implement AI native tooling to improve detection and response capabilities without incurring an increased demand on resources
  • Partner with Engineering to implement developer-friendly security tools that improve security posture and reduce compliance burdens without slowing velocity
  • Oversee incident response preparation, processes, and execution—ensuring coordinated action, effective communication, and the kind of thorough post-incident analysis that prevents the same problem twice
  • Under the direction of the VP, TechOps, improve the Proscia Information Security Program, with a focus on governance, risk, and compliance (GRC) across the Concentriq suite of applications and Proscia’s business applications
  • Contribute to security policy development across regulated and non-regulated markets—implementing agentic workflows where it accelerates your research and stress-testing, iterating with stakeholders, and maintaining the rigor and compliance standards our customers expect
  • Influence and execute on the company’s regulatory roadmap—seeking new certifications and frameworks (e.g., ISO 27001, SOC 2, HITRUST) in response to customer and market demands
  • Enable other teams to answer security-related questions from customers, prospects, and partners providing expert information security guidance
  • Anticipate and adapt to industry and regulatory trends, including how AI is reshaping both the threat landscape and the defender’s toolkit—and surface emerging requirements before they become urgent
What we offer
  • Competitive pay
  • Savings options
  • Schedule options
  • Insurance options that promote long-term health and personal growth
  • Office environment designed for creativity and agility with walls as notepads and couches for collaboration
  • Located in the heart of Philadelphia with views of the city
  • Fulltime