Senior Security Research Engineer

About the role

We are seeking a Senior Security Research Engineer to strengthen the security of a large‑scale web ecosystem. You will identify, analyze, and mitigate vulnerabilities across applications and infrastructure, investigate malicious code, and track emerging threats. This role blends deep technical research with hands‑on software engineering and close collaboration with product and development teams.

Key responsibilities

• Research, analyze, and investigate vulnerabilities, malware, and malicious patterns across web applications and systems.
• Identify common attack vectors such as injection flaws, XSS, hijacking, and social engineering, and define mitigation strategies.
• Contribute to the design and improvement of security tools, detection systems, and remediation workflows.
• Collaborate with engineering teams to review code, architecture, and security design decisions.
• Develop and enhance internal tooling for vulnerability detection and threat intelligence.
• Support security incident analysis and improve response and remediation processes.
• Document findings, threat models, and security recommendations clearly and actionably.
• Leverage AI tools to accelerate research, improve analysis quality, and enhance detection workflows.

Required profile

• 3+ years of experience as a security researcher, security engineer, or in a similar role focused on vulnerability analysis or malware investigation.
• Strong understanding of security concepts, threat modeling, and common web attack vectors.
• Experience working with PHP and familiarity with software engineering principles.
• Exposure to WordPress or similar web application ecosystems is highly valuable.
• Ability to analyze complex systems and identify security risks across code, infrastructure, and data flows.
• Collaborative mindset with experience in code reviews and technical design discussions.
• Comfortable using AI tools to enhance productivity, analysis, and research workflows.

Required skills

• PHP
• WordPress
• AI tools
• Penetration testing tools
• Threat modeling
• Vulnerability analysis
• Malware investigation

What we offer

• Competitive salary range aligned with global compensation.