Security Researcher

Zafran is looking for an experienced Security Researcher to join our growing research team. The team's responsibility is vulnerability research for both PR purposes and research for Zafran’s product. In this role, you will focus on vulnerability research of open-source projects and reverse engineering of low-level binaries. The team also focuses on AI security and low-level product security research.

A key part of your work will include analyzing internal code and identifying security risks to improve Zafran’s overall security posture and support our PR efforts.

About Zafran:

Our Mission: To stop the exploitation of vulnerabilities, everywhere.

What makes us different: Zafran de-risks 90% of critical vulnerabilities overnight across your hybrid environment and utilizes Agentic Capabilities and your existing security tools to rapidly mitigate and remediate the 10% most likely to be exploited.

​​Who’s behind us: Zafran is backed by Menlo Ventures, Sequoia Capital, Cyberstarts, and a deep belief that cybersecurity should move as fast as attackers do. We’re one of the fastest-growing companies in the industry, scaling to meet demand from the world’s most advanced, security-obsessed organizations.

We’re serious about our mission- so expect work that matters, teammates who challenge and inspire you, and plenty of fun along the way!

What you will do:

• Vulnerability Discovery: Research and discover vulnerabilities across AI applications, low-level products, and cloud environments, including the development of functional Proofs-of-Concept (PoCs).
• Public Research & PR: Publish technical blogs and present your research at major security conferences.
• Technical Product Research: Produce in-depth technical research and conduct reverse engineering of security products to directly support the development of Zafran’s product and platform.
• Stay up to date with newly discovered CVEs, attack techniques, and threat trends
• Cross-Functional Collaboration: Partner with product and engineering teams to help improve Zafran’s security.

About Zafran

What you will do

Requirements

• 5+ years of hands-on experience in security research, including a track record of finding vulnerabilities in complex systems..
• Strong understanding of vulnerabilities, exploit techniques, and attack vectors.
• Experience in reverse engineering binaries, security products, and complex low-level systems.
• Hands-on experience with Linux systems, networking, and cloud environments
• Ability to analyze complex systems and think like an attacker
• Strong written communication skills in English, including technical documentation. 
• Self-driven, curious, and passionate about security research

Experience with the following is a plus

• Experience contributing to blogs, public research, conference talks, or media-facing security content
• Familiarity with AI systems, AI security, and model behavior.
• Experience in software development.

Experience with the following is a plus