We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Malware Researcher at Aikido Security. Location Information: Remote job. . 🌍 We’re taking on the crusty global cyber market, the "no-BS" security platform for devs.. In the past, only large enterprises needed to worry about security. Today, cybersecurity has become the top concern of 75% of all CEOs, from startups to enterprises.. This means more work for developers, who need to become security experts and ensure their platforms are secure. But it’s hard. The market is riddled with overcomplicated, expensive tools that aren’t fit for developers. So, we founded Aikido.. We are the no-bullsh*t security platform that developers actually like to use. One central platform that shows devs what matters and how to fix it, so they can get back to building.. Why work with us? Founded in 2022 by third-time serial founders, with $25M funding in the bank, we're dead set on getting security done for devs. This is a chance to join an all-star team early, take ownership, and push boundaries.. As a Security Researcher, you will be a part of the Malware team, which helps protect the wider open source ecosystem and our customers against the growing threat of malicious packages.. What you’ll be doing:. Triage packages from our analysis pipeline and validate findings.. Create new detection rules (OpenGrep + YARA) to catch novel malware patterns and boost detection accuracy.. Extend support for new programming languages in our analysis pipeline.. Explore and experiment with cutting-edge tools and techniques to detect malware at scale.. Write and publish blog posts on novel attacks and large-scale incidents.. Contribute to internal research and help shape our public research agenda.. . Requirements. . Broad knowledge of programming languages. JavaScript is a must, Python is a huge plus.. Strong understanding of security principles, standards, and best practices.. Comfortable researching and tackling hard problems and algorithms (eg, parsing with ASTs). Fluent in English.. Being able to communicate technical details to both technical and non-technical audiences.. Preference for the US timezone.. Bonus points:. Opengrep (or Semgrep) experience. Yara experience. Static analysis experience. Experience building production-ready systems. What you can expect. A high-impact role in a fast-growing startup.. Fast-tracked growth opportunities and increasing responsibilities.. A competitive . salary. package.. A company culture that values openness, informality, and getting sh*t done (see our culture page).. Flexible working hours and a hybrid work setup.. You will be recruited based on competencies. Qualities of people are decisive, regardless of gender, religion, ethnic origin, age, sexual orientation, or any disability.. .