Security Research Engineer

About The Position

Requirements

• 2-3 years in security research, detection engineering, threat intel, or similar.
• Experience building detections and analyzing large datasets.
• Strong understanding of identity systems (Okta, Azure AD/Entra, Google Workspace, etc.) and authentication flows.
• Familiarity with cloud/SaaS attack surfaces and attacker TTPs (MITRE ATT&CK, OAuth abuse, identity threats).
• Ability to analyze logs and signals from IdPs, cloud, or SaaS apps.
• Experience creating or validating rule-, anomaly-, or behavior-based detections.
• Experience with scalable data pipelines (Spark or similar).
• Familiar with Python and SQL

Nice To Haves

• threat simulation, red/blue teaming

Responsibilities

• Research emerging attack techniques across IdPs, SaaS, and cloud environments.
• Analyze adversary behaviors such as credential abuse, session hijacking, privilege escalation, and persistence.
• Share your insights with the community through blogs, whitepapers, talks, and contributions that elevate industry understanding.
• Analyze large volumes of identity and SaaS telemetry to identify indicators and behavioral patterns.
• Form hypotheses and run experiments to improve detection accuracy.
• Translate research into rules, heuristics, anomalies, and behavioral models.
• Partner with engineering to improve detection pipeline capability and performance
• Test detections against simulated attacks and real data.
• Work with product on detection priorities.
• Partner with engineering on pipelines and telemetry quality.
• Share findings with customer-facing teams and support investigations when needed.

Benefits

• Competitive compensation with equity and 401k
• Comprehensive healthcare with dental and vision coverage
• Flexible paid time off and paid holiday time off
• 12 weeks of new parent or family leave
• Personal and professional development resources