CrawlJobs Logo

Senior CyberSecurity Researcher

France, Paris · Job Posted May 03, 2026
Apply Position
Job Link Share

Job Description

We are seeking a highly skilled and motivated senior security researcher to join our team and focus on addressing security challenges related to secrets in the new world of agentic AI. You'll join the cybersecurity research team. The team brings backgrounds from CISO roles, red teaming, penetration testing, development, and vulnerability research, with recent participation at major conferences such as Real World Crypto, SSTIC, Black Alps, Northsec and KubeCon. Day-to-day, you will investigate novel and existing tactics to find and abuse exposed credentials, then publish your findings as authoritative research. This means analyzing ongoing threats and attacks, exploring new exploitation techniques, and documenting emerging tactics. You will also collaborate with our engineering teams to identify ways to improve our products in terms of secret validation and coverage. This role requires cross-functional expertise, primarily in cybersecurity, as well as in software development and data analysis. You will collaborate closely with colleagues in the internal Security team and report to the cybersecurity research lead. You'll spend roughly 70% of your time on research and 30% producing content to share findings with the security community. As a researcher, you will track offensive trends and techniques, and work closely with our marketing team to produce 2–3 technical deep-dive articles or talks per quarter.

Job Responsibility

  • Investigate novel and existing tactics to find and abuse exposed credentials
  • Publish findings as authoritative research
  • Analyze ongoing threats and attacks
  • Explore new exploitation techniques
  • Document emerging tactics
  • Collaborate with engineering teams to identify ways to improve products in terms of secret validation and coverage
  • Track offensive trends and techniques
  • Work closely with marketing team to produce 2–3 technical deep-dive articles or talks per quarter

Requirements

  • 5+ years of experience working in a security engineer role, with 2+ years dedicated to research-related work, or equivalent
  • Strong offensive security background (pentesting, vulnerability research, or red team experience) with the ability to think like an attacker and translate that into defensive insights
  • Experience with reverse engineering (binary analysis, malware inspection, malicious packages) and API/web security (OAuth, JWT, token validation, secret exposure patterns)
  • Comfortable working with modern infrastructure, such as cloud platforms (AWS, GCP, or Azure) or AI/LLM ecosystems, and able to assess their specific security implications
  • Leverage AI tools actively in your day-to-day research workflow, whether for automation, analysis, or accelerating prototyping
  • Proficient in at least one system or scripting language (Python, Go, or Rust), fluent with a terminal, and able to independently retrieve, transform, and analyze datasets to support research conclusions
  • Track down complex security problems in software and infrastructure and define their solutions
  • Enjoy hacking things and rapidly prototyping ideas
  • Drive research autonomously, identify topics, conduct investigations, and publish findings, while partnering with engineering and product teams to translate insights into platform improvements
  • Public research track record: CVEs, conference presentations, open-source tooling, or technical publications
  • Fluent in English (written and spoken), with strong communication skills: you can explain complex vulnerabilities clearly to both technical and non-technical audiences and present at international conferences

Nice to have

  • Understand supply chain security, including how attacks propagate through package registries (npm, PyPI, DockerHub), GitHub Actions workflows, and dependency automation tools
  • Experience monitoring ongoing attacks, correlating signals across multiple data sources, reconstruct breaches, and having published your findings to the security community

What we offer

  • Package that includes BSPCE
  • Lunch voucher (Swile, 12€ at 50%)
  • Sponsored Wellpass (gymlib)
  • Non-charged health insurance for children (Sidecare / Generali)
  • Up to €300 to improve your home office set-up
  • Yearly holiday allowance
  • Referral bonus of 4000€ for any new Guardian we might hire thanks to you
  • Team building: monthly budget dedicated to each employee that you can spend as you wish, with colleagues (latest examples to date: Michelin star restaurant, karaoke, stand-up show, kitesurfing week-end)
  • Remote policy: hybrid (3 days/week at the office in Paris)
  • Opportunities for career development in the long term

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior CyberSecurity Researcher

8 matching positions

New

Senior Researcher - Dark Web & Threat Intelligence

The Pursuits team produces dark web and threat intelligence on prospects, the co...
Location
Location
India , Bengaluru
Salary
Salary:
15000.00 - 35000.00 USD / Year
helpcare.ai Logo
Helpcare AI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years in threat intelligence, dark web research, OSINT, or intelligence operations, including senior or lead-level work
  • Deep hands-on familiarity with dark web forums, marketplaces, and Telegram-based trading of compromised data
  • Strong TA engagement / HUMINT experience, with sound operational security and source-handling discipline
  • Solid OSINT tradecraft: people and entity research, social media and search-operator (dork) techniques, and corroboration
  • Comfort with raw breach data: structure, validation, and victim mapping
  • A track record of impactful findings
  • Experience guiding or mentoring other researchers and owning a quality bar
  • Driven to keep learning and stay current on the latest research techniques and tools
  • Able to use AI tools effectively to speed up research, analysis, and writing
  • Strong communication, within the team, across other teams, and in writing
Job Responsibility
Job Responsibility
  • Monitor dark web forums, Telegram channels, and ransomware/extortion group sites daily for intelligence on prospects and notable events
  • Engage threat actors (TA engagement / HUMINT) to gather intel on private data leaks
  • Validate data leaks and TA claims to determine whether they're legitimate
  • Deanonymize threat actors: link aliases, accounts, and personas to real-world identities
  • Produce advisories and flash alerts for significant leads, and contribute blogs and quarterly reports
  • Map a prospect's real attack surface (subsidiaries, parent companies, subdomains, and vulnerable login portals)
  • Analyze raw breach datasets and corroborate findings before anything is published
  • Own the request queue: triage incoming requests, confirm scope, route them, and track deliverables against due dates
  • Review and quality-check the team's findings and reports before they reach stakeholders
  • Mentor junior researchers and raise the bar on tradecraft and writing
Read More
Arrow Right

Senior Cybersecurity Engineer

Senior Cybersecurity Engineer LOCATION: Eglin AFB, FL JOB STATUS: Full-time C...
Location
Location
United States , Eglin Air Force Base
Salary
Salary:
Not provided
astrion.us Logo
Astrion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master’s Degree (in Computer Science, Cybersecurity or a related field). Relevant experience may be substituted for the degree
  • 10 Years’ total experience, at least 8 of which is in cybersecurity engineering, architecture or R&D infrastructure
  • Top Secret Clearance with SCI. Eligible for Special Access Program (SAP) access. US Citizenship is required
  • DoD 8570/8140 IAT Level III (CISSP, CISM, or equivalent). Certifications: Security+, CEH, or other relevant security certifications
  • Expert-level knowledge of cybersecurity principles, risk management, and secure computing architectures
  • Hands-on experience with security tools and technologies, such as SIEM, intrusion detection/prevention systems, vulnerability scanners, and endpoint protection solutions. Experience with Host-Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), Nessus, Tenable.sc, Tenable.io, NNM, LCE, Nessus Manager, Agents, and Scanner
  • Experience with scripting (Python, PowerShell) and automation tools (Ansible, Chef)
  • Familiarity with Risk Management Framework (RMF), Authority to Operate (ATO) documentation, and enclave compliance management
  • Physically able to lift up to 50 lbs
  • adaptable to fieldwork and hands-on installations
Job Responsibility
Job Responsibility
  • Collaborate with network engineers to architect secure network topologies for current and future connected and isolated environments, ensuring security is embedded in the design phase
  • Design and deploy security solutions for S&T environments that support continuous research, development, and DevSecOps, working closely with network engineers to implement and maintain these solutions
  • Advise on security planning for long-term initiatives, including SDREN integration and the Weapons Technology Integration Center (WTIC) and other facility projects, in conjunction with network planning efforts
  • Develop security innovation roadmaps aligned with mission goals and emerging technologies, coordinating with network engineers to ensure alignment with network modernization efforts
  • Coordinate with facilities, engineering, and network teams to ensure robust infrastructure supports secure research operations, focusing on the security aspects of network hardware/power/cooling needs and structured cabling
  • Lead security aspects of containerization, virtualization, and orchestration of systems to support laboratory computing, HPC, and edge devices, working with network engineers to implement secure configurations
  • Engineer multiple S&T networks security architecture in compliance with NIST 800-series, DoD RMF, DISA Security Technical Implementation Guides (STIGs), and cybersecurity best practices, collaborating with network engineers to ensure seamless integration. Review engineering, architecture, and designs to ensure DoD security policies are met
  • Implement DevSecOps pipelines to automate security scans and CI/CD deployments, working with network engineers to integrate security into existing pipelines
  • Manage ATO package development and collaborate with ISSMs, network engineers, and cybersecurity stakeholders to ensure compliance. Review and develop RMF Assessment and Authorization (A&A) documentation, e.g. System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms)
  • Integrate identity management and single sign-on solutions across enclaves and hybrid environments, coordinating with network engineers to implement and maintain these solutions. Analyze and tune HBSS policies for assets during integration test events. Perform verification and troubleshooting across all HBSS modules. Install updates to HBSS software as released and in compliance with STIG requirements. Monitor HBSS software to ensure that the clients/servers are operational and reporting properly
What we offer
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Engineer

Astrion has an exciting opportunity for a Senior-Level Cybersecurity Engineer lo...
Location
Location
United States , Washington
Salary
Salary:
120000.00 - 150000.00 USD / Year
astrion.us Logo
Astrion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD SECRET Clearance
  • Cybersecurity and computer networking skills are highly desired along with basic competency with MS Office and technical writing
  • Knowledge of DoD and DON cyber policies and procedures and/or NIST 800-53, DoDI 8500.01, and DoDI 8510.01
  • Must be flexible in adapting to deadlines, changing schedules, competing priorities, and unpredictable events
  • Demonstrated ability to assign work and manage personnel and tasks
  • Familiar with and able to present data and recommendations to Government and Military leadership
  • Thorough, detail oriented, and organized, with excellent time management skills and ability to prioritize and handle multiple projects at once
  • Superb verbal and written communication skills
  • Self-motivated and independent thinker with out-of-the-box ideas
  • Leadership skills
Job Responsibility
Job Responsibility
  • Provide Engineering Support Services (ESS) to NAVSEA PEO IWS Cyber Leads
  • Work both off-site in contractor spaces and on-site at the Washington Navy Yard
  • Design and coordinate the implementation of cybersecurity solutions on surface combat systems
  • Experience planning, researching and developing security policies, standards and procedures
  • Serve as liaison between Program Office and internal/external stakeholders
  • Manage the development and integration of cyber capabilities onto surface warfare combat systems
  • Conduct independent technical assessments of cybersecurity evaluation results and test reports to inform system upgrade recommendations
  • Develop briefs on cybersecurity, system development, emergent cyber issues, and schedule risks to convey critical information to Navy Leadership (Civilian, Military, etc.)
  • Facilitate working groups on cyber activities within the combat system
  • Provide inputs and present statuses regularly to Navy Leadership, Integrated Product Teams (IPTs), etc.
What we offer
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Engineer

Astrion has an exciting opportunity for a Senior-Level Cybersecurity Engineer lo...
Location
Location
United States , Washington D.C.
Salary
Salary:
120000.00 - 150000.00 USD / Year
astrion.us Logo
Astrion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD SECRET Clearance
  • Cybersecurity and computer networking skills are highly desired along with basic competency with MS Office and technical writing
  • Knowledge of DoD and DON cyber policies and procedures and/or NIST 800-53, DoDI 8500.01, and DoDI 8510.01
  • Must be flexible in adapting to deadlines, changing schedules, competing priorities, and unpredictable events
  • Ideal candidate has demonstrated ability to assign work and manage personnel and tasks
  • Familiar with and able to present data and recommendations to Government and Military leadership
  • Thorough, detail oriented, and organized, with excellent time management skills and ability to prioritize and handle multiple projects at once
  • Superb verbal and written communication skills
  • Self-motivated and independent thinker with out-of-the-box ideas
  • Leadership skills
Job Responsibility
Job Responsibility
  • Provide Engineering Support Services (ESS) to NAVSEA PEO IWS Cyber Leads
  • Work both off-site in contractor spaces and on-site at the Washington Navy Yard
  • Design and coordinate the implementation of cybersecurity solutions on surface combat systems
  • Experience planning, researching and developing security policies, standards and procedures
  • Serve as liaison between Program Office and internal/external stakeholders
  • Manage the development and integration of cyber capabilities onto surface warfare combat systems
  • Conduct independent technical assessments of cybersecurity evaluation results and test reports to inform system upgrade recommendations
  • Develop briefs on cybersecurity, system development, emergent cyber issues, and schedule risks to convey critical information to Navy Leadership (Civilian, Military, etc.)
  • Facilitate working groups on cyber activities within the combat system
  • Provide inputs and present statuses regularly to Navy Leadership, Integrated Product Teams (IPTs), etc.
What we offer
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Analyst Engineer

Senior Cybersecurity Analyst/Engineer to join our prime contract supporting Gold...
Location
Location
United States , Huntsville
Salary
Salary:
Not provided
astrion.us Logo
Astrion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of cybersecurity experience supporting USSF, DoD, or related federal organizations
  • BA or BS degree
  • Active DoD TS/SCI clearance (with current investigation)
  • CompTIA Security+ or equivalent DoD 8570/8140 IAT/IAM certification
  • Hands-on experience with eMASS
  • Familiarity with Risk Management Framework (RMF) protocols
  • Knowledge of USSF A&A procedures
Job Responsibility
Job Responsibility
  • Support A&A activities and provide cybersecurity engineering expertise for enterprise mission systems
  • Develop, update, and manage Enterprise Mission Assurance Support Service (eMASS) entries and coordinate A&A packages in accordance with DoDI 8510.01 (RMF)
  • Maintain and report on C&A schedules, package status, and system registrations in ITIPS (formerly EITDR) in compliance with FISMA
  • Review and refine certification policies, procedures, and reports for new and evolving cyber system requirements
  • Conduct research and analysis to assess the impact of new DoD, USSF, DIA, and DISA cybersecurity directives
  • Support Vulnerability Management System (VMS) processes by documenting, tracking, and closing compliance findings
  • Contribute to Security Test & Evaluation (ST&E) efforts, penetration testing, and validation of cybersecurity controls
  • Revalidate cyber and IA controls for accredited systems and recommend improvements to strengthen mission assurance
  • Assess policy changes from higher headquarters and determine impact on current mission system security posture
What we offer
What we offer
  • Competitive salaries
  • Continuing education assistance
  • Professional development
  • Multiple healthcare benefits package options
  • 401K with employer matching
  • Competitive time off policy along with a federally recognized holiday schedule
Read More
Arrow Right

Senior Security Researcher - Cloud & Kubernetes (Cortex)

Revolutionizing protection. Define what’s next in cybersecurity. Our Mission: At...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in security research with a proven track record of driving impactful projects
  • Deep expertise in cloud-native security, with strong focus on Kubernetes, containers or major cloud providers (AWS, Azure, GCP, OCI) or Linux internal
  • Experience developing or working with detection and response products, such as XDR, EDR, or cloud workload protection platforms
  • Excellent communication skills, with the ability to articulate complex research findings and drive alignment across diverse teams
  • Proficient in hands-on coding and scripting (e.g., Python)
Job Responsibility
Job Responsibility
  • Contribute to a team of talented security researchers focused on defending organizations as they transition from on-premises data centers to modern cloud and Kubernetes infrastructure
  • Drive the execution of research initiatives to uncover novel techniques for detecting and responding to sophisticated attacks targeting hybrid and cloud-native environments
  • Define and prioritize detection use cases, relevant datasets, and innovative analytic approaches combining runtime visibility and posture management across diverse platforms
  • Stay up to date with the latest attacker methodologies, APT campaigns, and TTPs to ensure our detection capabilities stay ahead of evolving threats in both legacy and cloud contexts
  • Simulate real-world attacks and perform deep behavioral analysis to inform and validate detection content
  • Collaborate across engineering, product management, and go-to-market teams to deliver impactful security solutions
  • Share insights with the security community through blogs, conference talks, and publications
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

1Password is growing. We’ve surpassed $400M in ARR and we’re continuing to accel...
Location
Location
United States; Canada
Salary
Salary:
153000.00 - 214000.00 USD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of progressive experience in security research, offensive security, or vulnerability research
  • Education: Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or a related field
  • or equivalent practical experience
  • Security research experience: Proven track record of discovering and responsibly disclosing original vulnerabilities, ideally with published CVEs, advisories, or equivalent publicly-recognized findings
  • Offensive security experience: A track record of hands-on experience in vulnerability research, exploit development, or advanced adversarial simulation techniques
  • Sufficient domain experience in two or more of the following domains: application security, Linux system internals, Windows system internals, macOS system internals, AI/Agentic security, Web application security, or Mobile application security
  • AI security experience: Familiarity with prompt injection, data poisoning, AI design architecture, AI-based attacks, and related vectors
  • Software engineering proficiency: Proficiency in one or more programming languages such as Go, Rust, Python, Ruby, JavaScript/TypeScript, or equivalent modern languages, with the ability to read and audit code for vulnerabilities
  • Integrity and ethical rigor: Consistent history of handling vulnerabilities and disclosures responsibly while engaging constructively with vendors and the research community
  • Demonstrable written and verbal communication skills, with a track record of producing technical publications, blog posts, and/or conference talks that clearly convey complex security topics
Job Responsibility
Job Responsibility
  • Vulnerability Research: Conduct original, hands-on research into application-level, protocol-level, and ecosystem-level vulnerabilities in 1Password’s products and the broader identity security landscape
  • You will discover, validate, and document novel vulnerability classes and attack chains
  • Demonstrate Exploitability: Collaborate with peers to develop proof-of-concept exploits and attack demonstrations that validate research findings, illustrate real-world risk, and support engineering teams in understanding and prioritizing remediation efforts
  • AI & Agentic Security Research: Investigate security risks at the intersection of AI and identity, including prompt injection, data poisoning, and other AI-based attack vectors
  • Your work will address the emerging challenges of agentic security at the interaction between privileged access management (PAM) and AI systems
  • Technical Publications & Thought Leadership: Author high-quality research publications, white papers, blog posts, and technical advisories
  • You will have the opportunity to present findings on podcasts, webinars, and at major security conferences that contribute to 1Password’s reputation as a thought leader in identity security
  • Community Engagement: Engage actively with the global security research community through responsible disclosure, collaborative research, open-source contributions, and participation in industry forums/events
  • Cross-functional Collaboration: Partner with Product, Engineering, and Detection teams to translate research findings into actionable security improvements. Provide evidence-based technical guidance that informs product direction and security strategy
What we offer
What we offer
  • Maternity and parental leave top-up programs
  • Competitive health benefits
  • Generous PTO policy
  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment
  • Fulltime
Read More
Arrow Right

Senior Security Researcher Identity & SaaS (Cortex Cloud)

Are you passionate about dissecting the intersection of Identity, SAAS, and Clou...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience
  • Strong understanding of modern adversary TTPs and attack methodologies
  • Experience with designing and executing simulated attack scenarios in lab environments
Job Responsibility
Job Responsibility
  • Lead ongoing investigations into the risks associated with SaaS, Identity and Cloud platforms, focusing on how these services are integrated within broader environments
  • Analyze the functional 'how-to' of cloud services to identify inherent risks and develop robust strategies for secure implementation and usage
  • Stay ahead of the curve by researching real-world attacker methodologies and translating these behaviors into practical mitigation strategies
  • Design and execute high-fidelity attack simulations in lab settings to observe adversarial behavior firsthand, specifically focusing on identity-based and SaaS
  • Create comprehensive research outcomes that guide customers on how to use services securely from the ground up
  • Foster a culture of excellence within a diverse team of experts, sharing insights that influence the next generation of cloud and identity security products
  • Fulltime
Read More
Arrow Right