Senior Cybersecurity Researcher

We are a forward-thinking cybersecurity company dedicated to protecting thousands of developers worldwide. Our mission is to ensure the safety and integrity of the global software supply chain through cutting-edge systems and solutions. Currently we are focused on building the world's first AI-powered Software Supply Chain Firewall.

If you're passionate about innovation, collaboration, and making a meaningful impact, we want you to join our team.

As a Senior Cybersecurity Engineer, you'll be at the forefront of identifying and analyzing security vulnerabilities in the open source ecosystem. Your research will directly contribute to protecting thousands of developers worldwide. You'll work closely with our AI and engineering teams to develop novel detection methods and create scalable security solutions.

Your role will involve investigating complex supply chain attacks, researching emerging threats, and developing innovative methodologies for detecting and preventing security breaches. You'll also contribute to our knowledge base and help shape industry best practices in software supply chain security.

• Review and assess the validity of known vulnerabilities, occasionally delving deeper to thoroughly understand the issues at hand

• Conduct in-depth research on individual software packages and the software package ecosystems including npm, PyPI, Maven and more

• Contribute to the development and maintenance of the vulnerability database, focusing on Python, Java, and JavaScript ecosystems

• Experiment with and discover novel ways to detect potential vulnerabilities in packages or software

• Collaborate with data engineers to translate novel vulnerability detection methods into systematic, repeatable processes within our data processing system

• Work closely with the Lead System Architect and Senior Data Engineer to integrate security findings into the data processing system

• Develop and optimize AI-driven modules and components to enhance the system's security capabilities

• Stay up-to-date with the latest security trends and incorporate this knowledge into the system

• Embrace a fast-paced, iterative development approach, delivering working solutions quickly and continuously improving based on feedback

• Present research findings at security conferences and industry events

Impact:

As a Senior Cybersecurity Research Engineer, you will play a vital role in building and maintaining an industry-leading vulnerability database that will protect and secure the Python, Java, and JavaScript ecosystems. Your work will have a massive impact on the cybersecurity landscape, empowering organizations worldwide to safeguard their software supply chains and mitigate vulnerabilities. Be part of a team that is at the forefront of innovation, leveraging cutting-edge AI technologies to revolutionize the way we approach cybersecurity.

If you are excited about the opportunity to make a significant impact in the cybersecurity domain and build a world-class vulnerability database, we want to hear from you! Join our dynamic and fast-paced startup, where you'll have the chance to work with cutting-edge technologies, shape the future of software supply chain security, and deliver impactful results through iterative deployments.

• Strong multi-year technical and cybersecurity research experience, specifically in software supply chain security. This should include research experience with "accidental vulnerabilities" as well as "intentionally malicious" components.

• Programming skills in Python, Java, or JavaScript, complemented by an understanding of their package ecosystems and associated vulnerabilities.

• Experience using LLMs, such as GPT, Claude, or Copilot, for security research and analysis

• Strong communication skills and experience working in remote teams

• Passionate about staying at the forefront of cybersecurity research and AI-driven solutions

We prioritize supporting our team’s growth, wellness, and success. Benefits include:

• Competitive salary: 150,000 CAD - 180,000 CAD (depending on experience)

• Private Healthcare Plan

• Generous equity stock options to share in our success

• Ability to work remotely and thrive in an adaptable, inclusive environment

• Flexible working hours, providing responsibilities are effectively managed

We believe in building products that make a real difference in the security landscape. Our team values technical excellence, open collaboration, and continuous learning.

One of our core commitments to our team and the culture is fostering belonging. We're committed to fostering an inclusive environment where diverse perspectives are valued and everyone's growth is supported. We recognize the value diversity brings not only to us as individuals, but as an organization. And we go out of our way to make each other feel understood, respected, and supported..

Check out our Core Commitments here.

We believe that diverse teams build better products. We actively strongly encourage applications from individuals who identify as women, people of color, LGBTQIA+, Indigenous, Native American, First Nations, Inuit, Métis, people with disabilities, or as part of other marginalized and historically underrepresented.

If you're passionate about full-stack development, excited about cybersecurity, and want to work in an inclusive environment where your voice is heard and your growth is actively supported, we'd love to hear from you. Join us in our mission to make the digital world safer for everyone!

We're looking for people who are passionate about building secure, scalable solutions. Don't worry if you don't match every requirement – we value diverse backgrounds and perspectives. If you're excited about our mission and think you can contribute, we'd love to hear from you!

We are committed to working with applicants requesting accommodations at any stage of the hiring process. If you require accommodations, please let us know.

Timeline: The process should roughly take 2 weeks, if scheduling and timing will allow for it.

1. Short Screening Interview

2. Core Commitment Interview with our Head of Research

3. Technical Interview with security team

4. Interview with our CEO

Along the way, we'll talk through your background and interests to determine whether Safety is a good fit for your career goals.