Senior Security Researcher

Summary

Join Huntress, a fully remote global cybersecurity team, as a Security Product Researcher. You will lead security capabilities, conduct research and development, investigate identity compromises, and hunt threat actors. The role requires expert knowledge of the Google ecosystem and security stack, along with experience in Proof of Concept development and vulnerability analysis. You will collaborate with various teams to integrate and operationalize security solutions. Huntress offers a competitive salary, generous benefits including paid parental leave and 401k, and a 100% remote work environment.

Requirements

• Expert knowledge and technical expertise in Google ecosystem including: logs, APIs, multi-tenant environments, especially supporting MSPs, Google Workspace editions, and business plans with the ability to maximize value across business plan levels, GCP; security products such as: Chrome Enterprise, BeyondCorp, Google Identity Premium, and Google Vault
• Google security stack expertise: chrome enterprise/beyond corp, google identity premium
• Expert knowledge of Google multi tenant environments especially supporting MSPs
• Expert knowledge of Google Workspace editions and business plans with the ability to maximize value across business plan levels
• Proof of Concept (POC) development
• Comfortable reading API documentation for SaaS applications and programming languages
• Expert knowledge and experience configuring and leveraging Google Workspace organizational units (OUs), group permissions, settings & APIs including Gmail, Drive, Calendar, Takeout, & Docs scripting engine
• Expert knowledge and experience configuring and leveraging Google Workspace security policies including SSO, two-factor authentication, password policies, and data loss prevention (DLP) to protect sensitive information
• Expert knowledge and experience managing security settings like configuring email security, spam filtering, malware detection, and phishing protection

Responsibilities

• Lead the security Capabilities we bring to market, owning the layered defense strategy gained by combining multiple log sources
• Conduct research and development efforts to further threat detection and identity security posture
• Investigate identity compromise, initial access + authentication logins, and subsequent access to understand, document & combat attacker behavior
• Hunt threat actors in Google Workspace, AuthN, AuthZ, OAuth, & token authentication audit logs to determine Google environment initial access, abuse and persistence
• Test attack paths. Hunt and solve for identity hijacking via discovering exploitation of vulnerabilities and misconfigurations
• Hack to FIX things. Know how to break in and devise innovative fixes. Discover how to protect against attacks
• Test exploitation of vulnerabilities, misconfigurations, and attack paths that results in developing reliable and weaponized Proof-of-Concept (PoC) exploits for identified vulnerabilities
• Identify and prototype telemetry data that can be leveraged within Huntress to expand current prevention, hardening, and detection capabilities
• Analyze and reverse engineer software to discover security weaknesses and undocumented features
• Distinguish between suspicious and malicious login events to reach the highest accuracy true positive rate
• Elevate and nurture the cross-department relationships critical for successful product delivery & launch. Coordinate with Security, Product, and Engineering teams to integrate and operationalize security solutions. Build high-trust, high-value relationships with product leads
• Document research findings through technical write-ups, advisories, internal reports, and blogs
• Identify improvement opportunities in existing product features and explore new ones based on feedback from partners, prospects, peers, and industry publications
• Coordinate with Product and Engineering teams to integrate and operationalize solutions developed by you + the research team
• Partner with Support, Detection Engineering, SOC, Hunt & Adversary Tactics teams
• Own & nurture the cross-department relationships critical to successful product delivery & launch
• Proven organizational and program management skills, with keen attention to detail and sense of urgency to deliver an exceptional product under tight deadline pressures
• Eagerness to engage, report, and be accountable to executive stakeholders
• Passion to translate your expertise in nontechnical ways to deliver impactful security outcomes that protect the 99%
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Educate the public on how to be security savvy in novel and fun ways

Preferred Qualifications

• Understanding of how MSPs utilize IT automation tools such as PSAs and RMMs preferred
• Experience with conducting searches and creating visualizations in Elastic and Kibana a plus
• Innovator builder mindset – you are not afraid to build in the open and share the ugly early versions of your work using feedback to iterate your research & learning
• Security conference presenters and community educators preferred
• Identity Access Management (IAM) Engineer
• Experience with identity and access management (IAM) concepts and tools
• Google Workspace Administrator Certification
• Google SIEM (Chronicle) experience
• Expertise in implementing, managing, and bypassing SSO, MFA, and identity governance across a complex organizational structure
• Experienced Cyber Network Operator, Computer Network Operator, Cyber Technical Operator Targeter or other similar career fields
• Red team experience, coursework, training, certifications
• Google certifications
• Administrator for Google Workspace at multi-tenant MSP
• Incident responder in Google environment incidents
• Passion for MSP community
• Security conference presenter
• Security community educator & advocate

Benefits

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth