E
Posted a day ago
Senior Security Researcher
Endor LabsSenior Security Researcher
Requirements
Bachelor's degree in engineering or related field, 3+ years experience in malware analysis or threat intelligence, Proficiency in Python, JavaScript, Java, or Go, Experience with IoCs and threat campaign tracking
Skills
Malware AnalysisThreat IntelligencePython
About the role
About the Company
Endor Labs helps developers and AppSec teams accelerate development by reducing security issues. Recognized as a Gartner Cool Vendor, the company was founded by industry veterans and has raised $70M in Series A funding to increase developer productivity and open source software adoption.
Responsibilities
- Detect, triage, and analyze malicious open source software components across ecosystems like npm, PyPI, and Maven
- Review Indicators of Compromise (IoCs) and maintain threat campaign records to track attacker infrastructure and tactics
- Perform in-depth technical analysis and reverse-engineering of obfuscated code to identify malicious behaviors
- Author external-facing content including blog posts, technical write-ups, and security advisories
- Collaborate with internal teams to improve automated detection coverage and enrich threat databases
Requirements
- Bachelor's degree in engineering or a related field
- At least 3 years of professional experience in malware analysis, threat intelligence, or open source package security
- Experience triaging security alerts at scale within a SOC or threat intelligence team
- Proficiency in reading and analyzing code in Python, JavaScript/TypeScript, Java, or Go
- Experience producing technical security communications for public or customer-facing audiences
- Understanding of package manager ecosystems and attack patterns like typosquatting and dependency confusion
Preferred Qualifications
- Experience operating threat intelligence platforms or malware databases
- Familiarity with static and dynamic analysis tooling such as sandboxes, YARA rules, or SAST tools
- Understanding of software supply chain security standards like SLSA or SSDF
- Prior public research, CVE credits, or published malware findings
- Security certifications such as GREM (GIAC Reverse Engineering Malware)
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSenior Security Researcher
Endor Labs · Bengaluru
