
Security Research Lead
Posted 3 days ago

Posted 3 days ago
This is a fully remote position, open to applicants in Europe.
• Enhance Our Products: Integrate research into product development and engineering — collaborate closely with the roadmap and codebase to refine our detection, prioritization, and remediation processes, creating features that surpass competitors.
• Influence Our AI's Risk Perception: Convert in-depth threat research into labels, signals, and product insights that train our models to prioritize vulnerabilities as an experienced researcher would.
• Direct Our Security Research Initiatives: Define the vision, standards, and methodologies for Maze’s approach to researching, validating, and prioritizing cloud and application security threats, leading a growing team of researchers.
• Discover Unique Vulnerabilities with Impact: Produce original research and craft narratives — including blog posts, technical presentations, podcasts, and conference talks — that achieve significant reach and establish Maze's credibility within the security community.
• Develop Authoritative Technical Intelligence: Create comprehensive research on exploitation methods, attack vectors, and remediation strategies in cloud infrastructure and application security, enhanced with CVE, advisories, and threat intelligence sources.
• Establish Research Quality Standards: Create frameworks and review processes to ensure our vulnerability assessments are consistent, defensible, and proactive against the evolving threat landscape.
• Cultivate Talent: Mentor and develop researchers, elevating the team's technical proficiency and fostering a research culture that attracts top talent.
• Demonstrated Depth in Security Research: Over 6 years of hands-on security research experience, with a proven history of investigating complex vulnerabilities, creating proof-of-concepts, and validating real-world threats.
• Expertise in Cloud & Application Security: Extensive understanding of vulnerabilities in cloud (AWS) and application security, including attack vectors and their actual exploitation at scale.
• Research That Transforms into Product: A history of translating research into tangible product and engineering results — collaborating closely with engineering, product, and ML teams to convert findings into implemented capabilities, rather than static reports.
• Established Public Presence: Proven ability to represent security research externally — with published research, conference presentations, well-received technical content, or a recognized presence within the community.
• Vendor-Level Insight: Direct experience in a security tooling or research organization, providing perspective on effective research operations and credibility-building within the market.
• Proficient Technical Investigation Skills: Strong coding and scripting abilities (Python, Go, or similar) for automating research tasks, developing validation tools, and creating proof-of-concepts.
• Effective Communication Skills: Capability to convey complex security research to technical practitioners, customers, and internal AI/ML and product teams while maintaining rigor.
• Leadership Experience: Background in leading or mentoring researchers, establishing standards, and overseeing a domain from start to finish in a dynamic environment.
• Prepared for Startups: Ability to navigate ambiguity and limited structure, prioritize effectively, and develop the function concurrently with its operation.
• Additional Advantages: Experience in AI/ML security or working with AI-generated security insights.
• A well-established personal brand or following within the security research community.
• Contributions to open-source security tools or research.
• Experience initiating or scaling a research/labeling operation.
• Relevant industry certifications (OSCP, AWS Security, CISSP, etc.).
• Ambitious Challenge
• Expert Team
• Build Products and a Research Brand
• Impactful Work
• Build an AI-native Company
Longbow Advantage
Casas Bahia Tecnologia
Switzerland Global Enterprise
Lincoln Financial
Get handpicked remote jobs straight to your inbox weekly.