drjobs Security Research Engineer - Security Testing

Security Research Engineer - Security Testing

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

San Francisco, CA - USA

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Job Description

Job description

Short facts about us:

  • We are a global remotefirst team of 100 people on 4 continents and in 10 countries.

  • We have been protecting our clients since 2016.

  • The company has raised over $10M in investments.

  • More than 200 customers around the world including Fortune 500 Nasdaq and highgrowth startups choose Wallarm to protect their API and web applications.

  • The company passed Y Combinator the most prestigious incubator in Silicon Valley from which Dropbox Stripe Docker etc. came out.

Our product:

Wallarm API security solutions provide proven performance to support innovative companies serving millions of users and billions of API requests per month. Hundreds of Security and DevOps teams globally use Wallarm daily to:

  1. Discover. See every asset across your entire attack surfacefrom cloud environments to every API endpoint with autodiscovery capabilities.

  2. Protect. A single suite that goes beyond OWASP Top 10 for full coverage for API specific threats account takeover malicious bots L7 DDoS and more.

  3. Respond. Streamline incident response with complete visibility smart triggers and active threat verification.

  4. Test. Automate security testing of your APIs and web assets. Prioritize remediation for every asset in every environment.


About the role:

As a Security Research Engineer for our Security Testing Product you will drive innovation in API security by researching designing and developing advanced testing capabilities. You will collaborate with engineering teams to identify and address emerging threats ensuring our solutions remain at the forefront of the industry. This role requires deep technical expertise a passion for security research and the ability to translate complex vulnerabilities into actionable solutions.

Key Responsibilities:

  • Security Research: Investigate emerging API threats vulnerabilities and attack vectors (e.g. OWASP API Top 10 to enhance our security testing capabilities.

  • Feature Development: Design and implement new testing features such as automated vulnerability scanning and APIspecific threat detection in collaboration with developers.

  • Technical Leadership: Define technical requirements for complex security features and guide their implementation.

  • Threat Analysis: Analyze industry trends competitor offerings and realworld attack patterns to inform product enhancements.

  • Collaboration: Work closely with engineering product and customer success teams to integrate security best practices (e.g. OWASP API Top 10 into our solutions.

  • Innovation: Propose and prototype cuttingedge testing methodologies including AIdriven or MLOpsbased approaches to threat detection.

Job requirements

MustHave Skills:

  • Proven experience as a Security Engineer Security Researcher or similar role in the security domain (e.g. SAST/DAST Vulnerability Management or API security).

  • Strong understanding of API protocols such as JSONAPI GraphQL XMLRPC JSONRPC OData gRPC WebSocket SOAP and others.

  • Expertise in application security concepts (e.g. OWASP Top 10 OWASP API Top 10 and vulnerability exploitation techniques.

  • Past experience in automation for security testing tools and pentests.

  • Knowledge of Secure Software Development Lifecycle (SSDLC) and integrating security solutions into CI/CD pipelines.

  • Excellent communication skills to articulate complex security concepts to technical and nontechnical stakeholders.

NicetoHave Skills:

  • Expertise in APIspecific attacks or participation in vulnerability assessments (e.g. bug bounty programs).

  • Proficiency in programming languages like Python Go or Ruby for scripting and tool development.

  • Familiarity with MLOps practices or AIdriven approaches to threat detection.

What we offer:

  • Ability to work on a product that makes the Internet safer

  • Completely remote work and flexible working hours

  • Competitive salary and bonuses

  • Paid days off

  • Medical insurance

  • Working equipment

  • Professional development and career growth

Join us in building cuttingedge solutions that empower businesses to secure their APIs and web applications against everevolving threats!

All done!

Your application has been successfully submitted!

Employment Type

Full-Time

About Company

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.