Added
5 hours ago
Type
Full time
Salary
Salary not provided

Related skills

rust javascript python go ruby

📋 Description

  • Design detection systems for open-source packages at scale
  • Hunt malicious packages, typosquats, and CI/CD abuse patterns
  • Coordinate with maintainers to file CVEs and advisories
  • Build internal tooling using static analysis and AI models
  • Publish research blog posts to share findings
  • Tune detection signals and reduce false positives; counter sandbox evasion

🎯 Requirements

  • 4+ years of security research with CVEs, GHSA, or equivalent advisories
  • Deep expertise in malicious packages, RCE, prototype pollution, SSRF, auth bypasses, CI/CD paths
  • Experience designing and operating detection pipelines at scale
  • Strong programming skills in TypeScript, Python, Go, or Rust
  • Proven track record of technical blog posts and using LLMs as research tools

🎁 Benefits

  • See your impact every day
  • Fast-paced growth environment with learning opportunities
  • Inclusive, welcoming culture
  • Career advancement and exposure to new technologies
Share job

Meet JobCopilot: Your Personal AI Job Hunter

Automatically Apply to Engineering Jobs. Just set your preferences and Job Copilot will do the rest — finding, filtering, and applying while you focus on what matters.

Related Engineering Jobs

See more Engineering jobs →