Senior Principal Security Researcher

Job Description

Do you have a passion for gaining a comprehensive understanding of software programs? As a Senior Principal Security Researcher, you will collaborate with fellow researchers on the software assurance team to advance and expand our work in identifying normal, abnormal, and malicious behaviours—including privacy violations.

We are seeking self-motivated security researchers with a drive to learn, innovate, and conduct rigorous security analyses of software, systems, and networks (including source code, mobile apps, binaries, and supporting infrastructure). Your approach should exceed conventional methods like standard testing, static code analysis, penetration testing, and reverse engineering.

Responsibilities

As part of the team, you will help build on our in-house expertise in software security analysis. This will empower those deploying and operating software-based systems to assess risks by asking targeted questions about software behaviour. The role focuses on identifying high-impact security vulnerabilities across diverse architectures and platforms. You will collaborate with researchers based in Australia, the UK, and the United States.

Your responsibilities include contributing to the design, implementation, integration and hands-on analyses to identify potential vulnerabilities of the software that is under evaluation via practical solutions.

What You’ll Bring

• Bachelor’s or Master's Degree in Computer Science, Software Engineering or related disciplines
• 15+ years of operational experience in relevant topics such as software security testing (including fuzzing, pen-testing), reverse engineering, static code analysis
• Experience in conducting security assessments
• Excellent programming skills in C, C++ and/or Python
• Strong understanding of standard frameworks like OWASP, MITRE Att&ck
• Ability to work as part of a team as well as independently
• Strong analytical skills combined with good communication skills and fluent English
• Strong leadership and mentoring skills

Nice to Have

• Active participant or organizer of Capture the Flag competitions
• Understanding of iOS and Android ecosystems
• Understanding of security issues in LLM-generated code
• Experience working with geographically distributed teams
• Ability to mentor junior engineers

What We'll Give You

• Ability to work in a flexible work from home arrangement
• An organization filled with smart, enthusiastic, and supportive colleagues
• A team of very skilled and diverse personnel across the globe
• The resources of a large, global operation while still having the start-up feel of a small team

Who We Are

We are a world-class team of high-caliber security researchers who thrive on new challenges. We are an inclusive and diverse team with a full spectrum of experience distributed globally. We are working on advancing the state-of-the-art for developers through SAST, SCA and Binary Analysis tools. We also have teams can detect attacks on complex platforms and systems. We are a dedicated team, leveraging each other’s insights and abilities to produce cutting edge solutions for today’s complex and interconnected, interdependent, infrastructure. We value people who can use their skills to further develop and enhance our tools, as well as our procedures and playbooks. Join us to grow your career and create the future of software understanding together and reduce the security risks associated with software-based solutions

Key skills/competency

• Software Security Analysis
• Vulnerability Research
• Reverse Engineering
• Static Code Analysis
• Penetration Testing
• C++ Programming
• Python Programming
• OWASP
• MITRE ATT&CK
• Leadership & Mentoring