Senior Security Researcher
7 days ago
Who we are
Endor Labs is building the Application Security platform for the software development revolution. Modern software is complex and dependency-rich, making it increasingly difficult to pinpoint the risks that truly matter. Endor Labs solves this challenge by building a call graph of your entire software estate—enabling teams to clearly identify, prioritize, and fix critical risks faster.
Trusted by companies that are one or one hundred years old, Endor Labs secures code whether it was written by humans or AI, and whether it's 40-year old C++ code or cutting edge Bazel Monorepos. Endor Labs was founded by serial entrepreneurs Varun Badhwar and Dimitri Stiliadis, and is backed by leading VC firms such as Dell Technology Capital, Lightspeed, and Sierra Ventures.
What you'll do
- The primary tasks of this position relate to the broad field of software vulnerability research, i.e. the discovery and evaluation of security vulnerabilities in first- and third-party software components. The focus clearly lies on application security, in contrast to network security, cryptography or other security fields.
- Specifically, the tasks comprise the development and extension of SAST rules to further increase the accuracy of our SAST solution and the coverage of programming languages and technologies. Closely related tasks include the development of ground-truth datasets as well as the development and automation of benchmark tooling and infrastructure.
- All those tasks require the close alignment with product development and customer success teams, and include the opportunity to participate in dissemination and communication efforts, e.g. through the writing of blog posts or technical reports/white-papers.
What we're looking for
The following are must-have requirements for job candidates:
- Bachelor's degree in engineering with at least 5 years of experience in application security
- Hands-on experience with SAST triage and result review for different programming languages, working closely with development teams to validate and prioritize findings
- Hands-on experience authoring and tuning SAST rules to improve detection accuracy and reduce false positives
- Deep understanding of software weaknesses and vulnerabilities across programming languages, and related industry standards in the field (CVE, CWE, EPSS, etc.)
- Experience in configuring and operating security tooling (SCA, SAST, etc.), CI/CD scan automation and custom tool development (Go, Java, JS or Python)
Nice to have
- Understanding of software supply chains and their attack surface
- Publicly reported 0-day vulnerabilities
- Experience in malware detection and analysis
- Security certification like OffSec Certified Professional (OSCP) or Certified Ethical Hacker (CEH)
At Endor Labs, we:
- Go to extraordinary lengths to distinguish ourselves through world-class work.
- Prioritize quality over speed, and speed over scope.
- Desire working with deeply kind, mission-driven people.
- Strive to make the complex simple.
- Use first principles to debate ideas, test assumptions, and make decisions.
- Seek the truth by putting data above opinions.
- Assume good intent and give tactical feedback to help each other get better.
- Hold no ego—when our customers win, we all win.
-
Senior Security Researcher
3 days ago
Bengaluru, Karnataka, India Trellix Full time ₹ 20,00,000 - ₹ 25,00,000 per yearJob Title:Senior Security ResearcherAboutTrellix:Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem,...
-
Senior Security Threat Researcher
1 day ago
Bengaluru, Karnataka, India Aurva Full time ₹ 8,00,000 - ₹ 20,00,000 per yearWhy Aurva?At Aurva, we're on a mission to Secure Data Wherever it Flows. We're not just another security company—we're India's leading data security platform, trusted by Razorpay, Meesho, Slice, Nykaa, and MPL to safeguard their most valuable asset: data.We combine cutting-edge Database Activity Monitoring (DAM) and data privacy solutions with the...
-
Senior Security Researcher
1 week ago
Bengaluru, Karnataka, India Zscaler Full time ₹ 20,00,000 - ₹ 25,00,000 per yearAbout ZscalerServing thousands of enterprise customers around the world including 45% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world's largest security cloud, Zscaler accelerates digital...
-
Senior Staff Security Researcher
3 days ago
Bengaluru, Karnataka, India Trellix Full time ₹ 12,00,000 - ₹ 24,00,000 per yearJob Title:Senior Staff Security ResearcherAboutTrellix:Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner...
-
Senior Staff Security Researcher
19 hours ago
Bengaluru, Karnataka, India Palo Alto Networks Full time ₹ 12,00,000 - ₹ 36,00,000 per yearCompany Description Our MissionAt Palo Alto Networks everything starts and ends with our mission:Being the cybersecurity partner of choice, protecting our digital way of life.Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and...
-
Senior Staff Security Researcher
21 hours ago
Bengaluru, Karnataka, India Trellix Full time ₹ 12,00,000 - ₹ 36,00,000 per yearJob Title:Senior Staff Security ResearcherAbout Trellix:Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner...
-
Senior Security Research Engineer
2 weeks ago
Bengaluru, Karnataka, India Harness Full time ₹ 12,00,000 - ₹ 24,00,000 per yearHarness is a high-growth company that is disrupting the software delivery market. Our mission is to enable the 30 million software developers in the world to deliver code to their users reliably, efficiently, securely and quickly, increasing customers' pace of innovation while improving the developer experience. We offer solutions for every step of the...
-
Senior Security Research Engineer
2 weeks ago
Bengaluru, Karnataka, India Harness Full time ₹ 12,00,000 - ₹ 24,00,000 per yearHarness is a high-growth company that is disrupting the software delivery market. Our mission is to enable the 30 million software developers in the world to deliver code to their users reliably, efficiently, securely and quickly, increasing customers' pace of innovation while improving the developer experience. We offer solutions for every step of the...
-
Senior Staff Security Researcher
1 week ago
Bengaluru, Karnataka, India Palo Alto Networks Full time ₹ 12,00,000 - ₹ 36,00,000 per yearOur MissionAt Palo Alto Networks everything starts and ends with our mission:Being the cybersecurity partner of choice, protecting our digital way of life.Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we're looking for...
-
Senior Staff Security Researcher
2 weeks ago
Bengaluru, Karnataka, India Palo Alto Networks Full time ₹ 20,00,000 - ₹ 25,00,000 per yearCompany Description Our MissionAt Palo Alto Networks everything starts and ends with our mission:Being the cybersecurity partner of choice, protecting our digital way of life.Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and...
