We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Senior Security Researcher (Remote - US) at Jobgether. This position is posted by Jobgether on behalf of Endor Labs. We are currently looking for a Senior Security Researcher in the United States.. This role offers a unique opportunity to lead offensive security research in the software supply chain domain, shaping the security of modern applications. You will investigate zero-day vulnerabilities, analyze attack trends, and influence the development of next-generation security capabilities. Collaborating closely with product and engineering teams, you will translate research into practical protections while contributing to the broader security community through publications and conference presentations. This position provides autonomy, access to cutting-edge technologies, and the chance to make a meaningful impact on software supply chain security at scale.. Accountabilities. . Conduct offensive security research on software supply chain threats, identifying and analyzing zero-day vulnerabilities.. . Develop and refine exploit techniques to evaluate modern attack vectors targeting CI/CD systems and third-party libraries.. . Collaborate with product and engineering teams to translate research findings into innovative security features.. . Publish research through blogs, white papers, and presentations at leading security conferences.. . Prototype and implement detection and mitigation strategies for emerging threats.. . Contribute to open-source tools, frameworks, or methodologies to advance software supply chain security.. . Continuously monitor emerging threats, attacker techniques, and evolving security trends to refine research efforts.. . . 5+ years of experience in security research, vulnerability discovery, and offensive security.. . Deep expertise in reverse engineering, exploit development, and software vulnerability analysis.. . Strong understanding of software supply chain security, including package management systems and CI/CD pipelines.. . Experience discovering and responsibly disclosing zero-day vulnerabilities.. . Proven record of publishing research or presenting at top security conferences (e.g., Black Hat, DEF CON, RSAC, BSides).. . Proficiency in programming languages such as Python, Rust, or Go.. . Excellent analytical skills and the ability to perform independent security research.. . Strong written and verbal communication skills for technical and non-technical audiences.. . Company Location: United States.