Security Researcher

Security Researcher at cside About cside cside is laser focused on solving web security in the AI age, starting with client‑side injections and covering previously unmonitored attack surfaces in a developer‑ and user‑friendly way. The team is a diverse mix of highly capable subject‑matter experts who are kind but mean business. Since January 2024, cside has raised $7.7 million in pre‑seed and seed funding from Uncork, Mantis, Scribble, Roar VC and other investors. We receive recognition from global media outlets such as TechCrunch, Wired, Fortune, Forbes, and more. About the role We’re looking for a Security Researcher to keep an eye on emerging threats, dig into their methods, scope improvements in our detection systems, and collaborate with the engineering team. You’ll be the face of the security detection team, discovering new attacks and sharing them with the world. Key responsibilities Keep an eye on attacks around the world and analyze new attack methods detected in our traffic data. Scope a detection method for new attacks, use existing attributes where possible, and ship the solution. Lead the detection strategy, detection and response across our platforms. Review detections that come in; evaluate broader signals and narrow down potential threats. Lead our security research and content effort—blog immediately about malicious scripts that impact over a thousand websites to protect the internet. Build new detection methods and rules for new attacks, leveraging deep knowledge of JavaScript. Proactively define detections for client‑side malicious behaviors and review against our script data. Use and build internal tools to detect never‑seen attacks. Qualifications Deep understanding of JavaScript, browsers, and ideally some background in Rust and Yara rules. Experience in signal analysis and detection strategy. Passion for the cat‑and‑mouse game of security research. Motivation to stop bad actors from impacting unaware individuals. Track record from CTF participation, white‑hat hacking, or bug‑bounty programs. Self‑managing mindset and desire to disrupt the client‑side/web security market. At least 3–5 years of prior work experience in security research or related roles. Benefits 2–3 off‑sites per year (schedule may vary). Generous work‑from‑home allowance and the latest MacBook. Stock options and market‑rate salary. Unlimited (or flexible) PTO. Fully remote. Long‑term career development support and speaking/opportunity on events. Other Details Seniority level: Mid‑Senior level Employment type: Full‑time Job function: Information Technology Industries: Data Security Software Products EEO Statement cside does not select or discriminate based on formal educational background, age, skin tone, religion, national origin, sexual orientation, gender identity, disability status, marital status, veteran status, or any other characteristic. We welcome all and celebrate equal opportunities. Referral increase your chances of interviewing by 2x. #J-18808-Ljbffr