Job Description

This position is posted by Jobgether on behalf of Endor Labs. We are currently looking for a Senior Security Researcher in the United States.

This role offers a unique opportunity to lead offensive security research in the software supply chain domain, shaping the security of modern applications. You will investigate zero-day vulnerabilities, analyze attack trends, and influence the development of next-generation security capabilities. Collaborating closely with product and engineering teams, you will translate research into practical protections while contributing to the broader security community through publications and conference presentations. This position provides autonomy, access to cutting-edge technologies, and the chance to make a meaningful impact on software supply chain security at scale.

Accountabilities

• Conduct offensive security research on software supply chain threats, identifying and analyzing zero-day vulnerabilities.
• Develop and refine exploit techniques to evaluate modern attack vectors targeting CI/CD systems and third-party libraries.
• Collaborate with product and engineering teams to translate research findings into innovative security features.
• Publish research through blogs, white papers, and presentations at leading security conferences.
• Prototype and implement detection and mitigation strategies for emerging threats.
• Contribute to open-source tools, frameworks, or methodologies to advance software supply chain security.
• Continuously monitor emerging threats, attacker techniques, and evolving security trends to refine research efforts.

Requirements

• 5+ years of experience in security research, vulnerability discovery, and offensive security.
• Deep expertise in reverse engineering, exploit development, and software vulnerability analysis.
• Strong understanding of software supply chain security, including package management systems and CI/CD pipelines.
• Experience discovering and responsibly disclosing zero-day vulnerabilities.
• Proven record of publishing research or presenting at top security conferences (e.g., Black Hat, DEF CON, RSAC, BSides).
• Proficiency in programming languages such as Python, Rust, or Go.
• Excellent analytical skills and the ability to perform independent security research.
• Strong written and verbal communication skills for technical and non-technical audiences.

Benefits

• Competitive salary with equity opportunities.
• Flexible, remote-first work environment.
• Comprehensive benefits package including health, dental, and vision coverage.
• Opportunity to contribute to high-impact security research and influence industry practices.
• Support for professional development, including conferences and learning resources.
• Collaborative and innovative culture that values knowledge sharing and continuous learning.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.

When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.
Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
It compares your profile to the job’s core requirements and past success factors to determine your match score.
Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.

The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.

Thank you for your interest!

#LI-CL1

Job Tags

Similar Jobs