Security Research Engineer - Security Testing

Wallarm. API & App Security Integrated Logo

Wallarm. API & App Security Integrated

๐Ÿ“Remote - Worldwide

Summary

Join Wallarm, a global remote-first team, as a Security Research Engineer for our Security Testing Product. Drive innovation in API security by researching, designing, and developing advanced testing capabilities. Collaborate with engineering teams to identify and address emerging threats. This role demands deep technical expertise, a passion for security research, and the ability to translate complex vulnerabilities into actionable solutions. You will investigate emerging API threats, design and implement new testing features, define technical requirements for complex security features, analyze industry trends, and work closely with various teams to integrate security best practices. The position offers the ability to work on a product that makes the internet safer, completely remote work and flexible hours, competitive salary and bonuses, paid days off, medical insurance, working equipment, and professional development opportunities.

Requirements

  • Proven experience as a Security Engineer, Security Researcher, or similar role in the security domain (e.g., SAST/DAST, Vulnerability Management, or API security)
  • Strong understanding of API protocols such as JSON-API, GraphQL, XML-RPC, JSON-RPC, OData, gRPC, WebSocket, SOAP, and others
  • Expertise in application security concepts (e.g., OWASP Top 10, OWASP API Top 10) and vulnerability exploitation techniques
  • Past experience in automation for security testing tools and pentests
  • Knowledge of Secure Software Development Lifecycle (SSDLC) and integrating security solutions into CI/CD pipelines
  • Excellent communication skills to articulate complex security concepts to technical and non-technical stakeholders

Responsibilities

  • Investigate emerging API threats, vulnerabilities, and attack vectors (e.g., OWASP API Top 10) to enhance our security testing capabilities
  • Design and implement new testing features, such as automated vulnerability scanning and API-specific threat detection, in collaboration with developers
  • Define technical requirements for complex security features and guide their implementation
  • Analyze industry trends, competitor offerings, and real-world attack patterns to inform product enhancements
  • Work closely with engineering, product, and customer success teams to integrate security best practices (e.g., OWASP API Top 10) into our solutions
  • Propose and prototype cutting-edge testing methodologies, including AI-driven or MLOps-based approaches to threat detection

Preferred Qualifications

  • Expertise in API-specific attacks or participation in vulnerability assessments (e.g., bug bounty programs)
  • Proficiency in programming languages like Python, Go, or Ruby for scripting and tool development
  • Familiarity with MLOps practices or AI-driven approaches to threat detection

Benefits

  • Ability to work on a product that makes the Internet safer
  • Completely remote work and flexible working hours
  • Competitive salary and bonuses
  • Paid days off
  • Medical insurance
  • Working equipment
  • Professional development and career growth

Remote

Cybersecurity

Mid-level

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.