Senior Security Research Engineer Jobs

New

Senior Mobile Security Researcher Android/iOS

At Promon, we protect the mobile apps people rely on every day. Our award-winnin...

Location

Norway , Oslo

Salary:

Not provided

Promon

Expiration Date

Until further notice

Requirements

A deep understanding of the mobile app security threat landscape (Android and/or iOS)
Hands-on experience with static & dynamic reverse engineering—think IDA Pro, Ghidra, Binary Ninja, Frida, Unicorn, or Qiling
In-depth knowledge of Android/iOS internals
The ability to write code —whether in ARM64 assembly, C/C++, or Python
Solid communication & collaboration skills
The ability to work autonomously
Fluent in English (both verbal and written)

Job Responsibility

Hunt down threats targeting mobile apps and our security products
Reverse-engineer attacks from external pentests, third-party exploits, and our bug bounty program, then document your findings
Fight back with proof-of-concepts (PoCs)—build countermeasures and collaborate with our product teams to turn them into reality
Monitor emerging threats and stay ahead of the game by tracking the latest attack techniques and security trends

What we offer

Work at the forefront of game-changing technology
Nordic work culture renowned for innovation, flat hierarchy, and inclusivity
Support for your passion, curiosity, and goals
Work with some of the world's best app security experts and mobile security thought leaders
International team
Celebrate birthdays, team wins, reaching milestones, or the joy of holidays

Fulltime

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...

Location

United Kingdom , London

Salary:

Not provided

Citi

Expiration Date

Until further notice

Requirements

Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
State-of-the-art security engineering with Go, Python, JavaScript
HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
Security automation and tooling – automating manual security processes
Cloud-native security - securing containerized applications in Kubernetes, service mesh security
Incident response and forensics - experience investigating, analyzing, and responding to security incidents

Job Responsibility

Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking

What we offer

27 days annual leave (plus bank holidays)
Discretional annual performance related bonus
Private Medical Care & Life Insurance
Employee Assistance Program
Pension Plan
Paid Parental Leave
Special discounts for employees, family, and friends
Hybrid working model (up to 2 days working at home per week)
Competitive base salary (annually reviewed)

Fulltime

Senior Security Research Engineer

Senior Security Research Engineer position at HPE's Security Lab in Bristol, UK....

Location

United Kingdom , Bristol

Salary:

Not provided

Hewlett Packard Enterprise

Expiration Date

Until further notice

Requirements

PhD (or equivalent research experience)
8+ or more years of experience
Track record of innovation driven into products
Experience as a technical leader
Knowledge of system security techniques and principles
Good knowledge of computer architecture, operating systems, networking, application of AI to security or security of AI
Good implementation skills with experience in Python, Rust, C, Go
Good written and verbal communication skills
mastery in English
Comfortable presenting to executives, technologists and customers

Job Responsibility

Define research agenda and take lead on research projects
Lead design of systems and solutions with colleagues
Own implementation of significant components
Build robust product-ready prototypes to test and demonstrate ideas
Research and develop foundational security capabilities for HPE products and services
Collaborate with business units, supply chain, partners and open-source community

What we offer

Health & Wellbeing benefits
Personal & Professional Development programs
Unconditional Inclusion environment
Comprehensive suite of benefits supporting physical, financial and emotional wellbeing

Fulltime

Senior Security Researcher

Endor Labs is building the Application Security platform for the software develo...

Location

United States

Salary:

Not provided

Endor Labs

Expiration Date

Until further notice

Requirements

5+ years of experience in security research, vulnerability discovery, and offensive security
deep expertise in reverse engineering, exploit development, and software vulnerability analysis
strong understanding of software supply chain security, including package management systems, CI/CD pipelines, and dependency analysis
experience discovering and responsibly disclosing zero-day vulnerabilities
proven track record of publishing high-quality research or presenting at top security conferences (e.g., Black Hat, DEF CON, RSAC, BSides)
proficiency in programming languages such as Python, Rust, or Go
strong analytical skills and the ability to conduct complex security research autonomously
excellent communication skills, both written and verbal, to convey technical concepts to diverse audiences.

Job Responsibility

Conduct offensive security research on software supply chain threats, identifying and analyzing zero-day vulnerabilities
develop and refine exploit techniques to understand modern attack vectors targeting software supply chain through malicious code, 3rd party libraries, and CI/CD systems
work closely with Product Management to translate research findings into innovative security capabilities within Endor Labs' products
publish research findings through technical blogs, white papers, and industry-leading security conferences
collaborate with security engineers and developers to prototype and implement detection and mitigation strategies for emerging threats
contribute to the security community by developing open-source tools, methodologies, or frameworks that enhance software supply chain security
stay ahead of the latest threats, attacker methodologies, and evolving security trends to continuously refine our research efforts.

What we offer

Work with a world-class team dedicated to pushing the boundaries of security research
directly influence the security of modern software supply chains
a culture that values innovation, collaboration, and continuous learning
competitive compensation, flexible work environment, and a generous benefits package
opportunity to present groundbreaking research and contribute to the global security community.

Fulltime

New

Senior Product Security Engineer

Join our Product Security team, where you'll partner with development and game t...

Location

United States , Las Vegas

Salary:

Not provided

Take-Two Interactive Software, Inc.

Expiration Date

Until further notice

Requirements

Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines
Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
Ability to translate design documents into security-focused guidelines and requirements for product development
Adapt quickly to new technologies, languages, and solve challenges outside your expertise

Job Responsibility

Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
Partner with teams to define and execute security strategy, driving security priorities across the organization
Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks

What we offer

Medical (HSA & FSA)
dental
vision
401(k) with company match
employee stock purchase plan
commuter benefits
in-house wellness program
broad learning & development opportunities
a charitable giving platform with company match
Fitness allowance

Fulltime

New

Senior Product Security Engineer

Ready to make an impact on the security of products from the ground up? Join our...

Location

United States , Austin

Salary:

Not provided

Take-Two Interactive Software, Inc.

Expiration Date

Until further notice

Requirements

Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines to ensure seamless and secure software delivery
Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
Ability to translate design documents into security-focused guidelines and requirements for product development
Adapt quickly to new technologies, languages, and solve challenges outside your expertise
Travel: No routine travel required
occasional travel as needed.

Job Responsibility

Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
Partner with teams to define and execute security strategy, driving security priorities across the organization
Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks.

What we offer

Medical (HSA & FSA), dental, vision, 401(k) with company match, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
Fitness allowance, employee discount programs, discounted games & events and stocked pantries.

Fulltime

Senior Security Engineer

CVS Health offers the opportunity to design, build, and operate a world-class Pu...

Location

United States , Work at Home

Salary:

111240.00 - 222480.00 USD / Year

CVS Health

Expiration Date

December 31, 2025

Requirements

5+ years of experience in the offensive security testing space
2+ years in security automation, platform engineering, or DevSecOps
2+ years of strong automation skills using GitHub runners and JIRA
1+ years of experience designing tests for detection robustness and mitigating brittleness

Job Responsibility

Help maintain and evolve a secure, scalable adversary-emulation platform for campaign scheduling, agent orchestration, payload execution, and results cataloging
Review commercial alternatives for Purple Team exercises using custom runners or commercial tools (e.g., Cymulate, Picus)
Provision static or ephemeral test environments via Terraform/Kubernetes across cloud and on-prem infrastructure
Develop continuous adversarial threat-simulation tests for defensive control validation and resiliency assessment
Generate high-fidelity telemetry for EDR, SIEM, and SOAR to measure detection coverage, latency, and control effectiveness
Research detection brittleness, design mutation/variant tests, and enhance test cases to strengthen detection logic
Manage work intake pipeline and ensure timely closure of ticketed requests within SLA
Produce ATT&CK-mapped artifacts, dashboards, and coverage metrics for Detection Engineering and leadership
Enforce platform security through RBAC, secrets management, audit logging, and execution safety controls
Collaborate with CTI, Threat Hunt, and SOC teams to evolve test cases based on real-world threats and gaps

What we offer

Affordable medical plan options
401(k) plan with matching company contributions
Employee stock purchase plan
No-cost wellness screenings
Tobacco cessation and weight management programs
Confidential counseling and financial coaching
Paid time off
Flexible work schedules
Family leave
Dependent care resources

Fulltime

Software Engineer / Senior Software Engineer

ARiA is looking for highly motivated self-starters and low-ego team players to j...

Location

United States , Madison; Alexandria; Seattle

Salary:

Not provided

Applied Research in Acoustics

Expiration Date

Until further notice

Requirements

Applicants selected for employment will be subject to a government security investigation and must meet eligibility requirements, including U.S. citizenship, for access to sensitive information
Bachelor’s degree or greater in a relevant technical field (Computer Science, Engineering, or equivalent)
Expertise designing and developing code using modern programming/scripting languages such as C, C++, Golang, JavaScript (and variants), and Python
Expertise developing and deploying software in an agile, continuous-integration (CI) framework across a variety of hardware platforms (desktop, server, cloud) using modern tools including containerization (e.g., Docker, Kubernetes)
Exceptional ability and desire to acquire new knowledge and skills to solve challenges
Ability to work independently but collaboratively
Ability to manage multiple projects in a fast-paced professional office environment
Ability to communicate technical solutions to colleagues and customers
Superior oral and written communications skills

Job Responsibility

Algorithm and software design, development, research, and testing to support prototypes and products
Supporting the transition of research algorithms to fielded systems
Preparing documentation to summarize design and status of prototypes and products
Assisting with in-field integration, testing, and support, with some local travel required
Developing an interface between a C++ underwater-acoustics physics engine and a video game for education and training
Developing a JavaScript backend for a scenario-design and management tool for players and integration of that system with a learning-management system (LMS)
Developing algorithms and software for a cloud-deployed cognitive tool that allows natural-language query of legal documents to answer user questions about government regulations and supporting the DevOps process for deployment of the prototype

Fulltime

Senior Security Research Engineer

Hewlett Packard Enterprise

Location:
United Kingdom, Bristol

Category:
IT - Software Development

Contract Type:
Employment contract

Salary:

Job Description:

Job Responsibility:

Requirements:

Nice to have:

Additional Information:

Job Posted:
September 16, 2025

Looking for more opportunities? Search for other job offers that match your skills and interests.

Similar Jobs for Senior Security Research Engineer