Job Type: Contract
Contract Length: 1.5 months
Pay Range: $70-95/hr
Start Date: ASAP
Location: Remote
About the Opportunity:
Our client, a leader in Enterprise Software and Hybrid-Cloud solutions, is looking for a skilled Product Security Research Engineer to join their team for a 1.5 months engagement. This project involves focusing on the proactive discovery and technical validation of complex attack paths within the product ecosystem and leveraging AI-driven engineering to stay ahead of sophisticated threats. This is a high-impact role that requires a self-motivated professional who can hit the ground running and deliver results quickly.
Key Responsibilities & Deliverables:
This role is focused on the successful completion of specific tasks and deliverables. Your responsibilities will include:
- Attack Path Discovery: Partner with Security Architects to identify and technically validate potential exploit sequences. You will engineer proofs-of-concept to demonstrate how individual vulnerabilities can be linked to create significant product exposure.
- Impact Analysis: Perform deep-dive technical research to determine the exact “blast radius” of a vulnerability. You will be responsible for identifying exactly which products and versions are impacted and what specific data or services are at risk.
- Proactive Defense: Translate offensive research into preventative measures, providing Engineering teams with the technical evidence and architectural guidance needed to implement robust, long-term mitigations.
- AI-Enhanced Security Engineering: Explore and implement AI-driven automation to enhance our discovery and analysis capabilities. You will use emerging technologies to scale the identification of complex vulnerability patterns across the stack.
- Technical Advocacy: Serve as a senior technical subject matter expert during high-stakes triage, helping stakeholders understand the practical reality of threat through evidence-based technical analysis and exploit modeling.
We are looking for someone with a proven track record of successful contract engagements. The ideal candidate will have:
- 6+ years of experience in Product Security Engineering, Vulnerability Research, or Offensive Security, with a focus on deconstructing complex software systems.
- A talent for “Attack Path Thinking,” with the ability to look at a complex architecture and identify how a minor logic flaw could lead to a major compromise.
- A strong understanding of software vulnerabilities (logic flaws, memory corruption, auth bypasses) and how they manifest in cloud-native and hybrid-cloud environments.
- Experience or a strong interest in using AI-driven tools to scale security engineering and automate the discovery of sophisticated vulnerability patterns.
- An ability to work as a peer with Architects and Developers, using technical data and research to build consensus on remediation paths.
- Demonstrated ability to work autonomously and manage your own time effectively to meet project goals.
- Experience with reverse engineering or high-level exploit development in a research-focused environment.
- Familiarity with “Graph-based” security analysis (mapping relationships between assets, permissions, and vulnerabilities).
- Contributions to the security community, such as tool development, technical whitepapers, or responsibly disclosed CVEs.
- W2 only (No C2C or 1099 contractors)
#LI-SB1
