Senior Security Researcher, Google

Posted 12 Days Ago
Easy Apply
Be an Early Applicant
Hiring Remotely in US
Remote
Senior level
Information Technology • Cybersecurity
Huntress is people-powered cybersecurity for all businesses, not just the 1%.
The Role
As a Senior Security Researcher, you will develop and implement security strategies, investigate identity compromises, enhance telemetry capabilities, analyze software for weaknesses, and document findings. You'll foster collaboration across departments and engage with executives while promoting your expertise in the security community.
Summary Generated by Built In

Reports to: Director, Product Research

Location: Remote US

Compensation Range: $160,000 to $180,000 base plus bonus and equity


What We Do: 

Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Whether creating purpose-built security solutions, hunting down hackers, or impacting our community, our people go above and beyond to change the security game and make a real difference.

Founded in 2015 by former NSA cyber operators, Huntress protects all businesses—not just the 1%—with enterprise-grade, fully owned, and managed cybersecurity products at the price of an affordable SaaS application. The Huntress difference is our One Team advantage: our technology is designed with our industry-defining Security Operations Center (SOC) in mind and is never separated from our service.

We protect 3M+ endpoints and 1M+ identities worldwide, elevating underresourced IT teams with protection that works as hard as they do. As long as hackers keep hacking, Huntress keeps hunting.

What You’ll Do: 

Do you like getting into the weeds on all things technical, psychological, and educational and have a desire to know how things work? Then this is the position for you. We are looking for that jack of all trades who brings broad experience to each challenge presented. The Huntress Security team has the unique honor of waking up every morning knowing we will make hackers regret targeting our partners and customers. As a Security Product Researcher, we’re looking for someone who wants to pour all of their creativity into building and implementing simple solutions that are disproportionately effective at countering these constantly evolving threats. Competitive candidates have experience managing, deploying, and securing SMB environments utilizing a wide variety of security software, best practices, and automation tools. Familiarity with product management, incident response, social engineering, psychology, education, and managed service provider tools are additional ways to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective Security Researcher fosters highly collaborative environments between the Product, Engineering, and Security teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision delivering our most impactful features and capabilities.

We defend over 3M endpoints across 33,000+ mid-sized and small business customers, and that number continues to grow each month. Considering this market’s tighter budget, it’s not financially possible to dedicate human analysts to each client. The Security Operations team addresses this challenge head-on by building and scaling highly automated efficiencies—often lightly augmented by our SOC — that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:  

  • Produce security Capabilities we bring to market, owning the layered defense strategy gained by combining multiple data sources and security strategies
  • Investigate identity compromise, initial access, authentication logins, and subsequent access to understand, document & combat attacker behavior
  • Hunt threat actors in Google Workspace, AuthN, AuthZ, OAuth, & token authentication audit logs to determine Google environment initial access, abuse, and persistence
  • Test attack paths, exploitation of vulnerabilities, and misconfigurations. Hunt and solve for identity hijacking via discovering exploitation of vulnerabilities and misconfigurations. Convert vulnerability testing findings into reliable and weaponized Proof-of-Concept (PoC) exploits for identified vulnerabilities. Hack to FIX things. Know how to break in and devise innovative fixes. Discover technical innovations to protect against attacks. Rapidly operationalize prototypes in the open to collect fast feedback and iterate toward product success
  • Identify and prototype telemetry data that can be leveraged within Huntress to expand current prevention, hardening, and detection capabilities
  • Analyze and reverse engineer software to discover security weaknesses and undocumented features
  • Distinguish between suspicious and malicious login events and user behavior to reach the highest accuracy true positive rate
  • Document research findings through technical write-ups, advisories, internal reports, and blogs
  • Elevate and nurture the cross-department relationships critical for successful product delivery & launch. Coordinate with Security, Product, and Engineering teams to integrate and operationalize security solutions. Build high-trust, high-value relationships with product leads
  • Proven organizational and program management skills, with keen attention to detail and a sense of urgency to deliver an exceptional product under tight deadlines
  • Eagerness to engage, report, and be accountable to executive stakeholders. Enthusiasm to give and receive radical candor, challenge and be challenged in high speed cross-company engagements with hunger to deliver excellence and minimal ego
  • Promote your expertise and brand to generate impactful security outcomes for businesses and the security community via media interaction, conference presentations, public speaking, and blogs with a commitment to educating on how to be security savvy in novel and fun ways

What You Bring To The Team: 

  • Knowledge and technical expertise in Google ecosystem including: logs, APIs, multi-tenant environments, especially supporting MSPs, Google Workspace editions, and business plans with the ability to maximize value across business plan levels, GCP; security products such as: Chrome Enterprise, BeyondCorp, Google Identity Premium, and Google Vault
  • Experience configuring and leveraging Google Workspace organizational units (OUs), group permissions, settings & APIs, including Gmail, Drive, Calendar, Takeout, & Docs scripting engine
  • Experience configuring and leveraging Google Workspace security policies, including SSO, two-factor authentication, password policies, and data loss prevention (DLP) to protect sensitive information
  • Experience with Google Chronicle and/or Vault
  • Experience managing security settings like configuring email security, spam filtering, malware detection, and phishing protection
  • Expertise in implementing, managing, and bypassing SSO, MFA, and identity governance across complex organizational structures
  • Red team experience, coursework, training, certifications
  • Proof of Concept (POC) development
  • Comfortable reading API documentation for SaaS applications and programming languages
  • Experience with MSP environments and IT automation tools such as PSAs and RMMs preferred
  • Security conference presenters and community educators preferred
  • Incident responder in Google environment incidents a plus
  • Experience with conducting searches and creating visualizations in Elastic and Kibana is a plus
  • Experience with Identity and Access Management (IAM) concepts and tools a plus
  • Google Workspace Administrator, Google Cloud, GRTE Certifications a plus
  • Experienced Cyber Network Operator, Computer Network Operator, Cyber Technical Operator Targeter, or other similar career fields a plus

What We Offer: 

  • 100% remote work environment - since our founding in 2015
  • Generous paid time off policy, including vacation, sick time, and paid holidays
  • 12 weeks of paid parental leave
  • Highly competitive and comprehensive medical, dental, and vision benefits plans 
  • 401(k) with a 5% contribution regardless of employee contribution
  • Life and Disability insurance plans
  • Stock options for all full-time employees 
  • One-time $500 reimbursement for building/upgrading home office
  • Annual allowance for education and professional development assistance 
  • $75 USD/month digital reimbursement
  • Access to the BetterUp platform for coaching, personal, and professional growth

  

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are. 

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.  

We do discriminate against hackers who try to exploit small businesses.

Accommodations: 

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to [email protected]. Please note that non-accommodation requests to this inbox will not receive a response. 

If you have questions about your personal data privacy at Huntress, please visit our privacy page.

#BI-Remote 

Top Skills

Chrome Enterprise
Data Loss Prevention
Elastic
GCP
Google Identity Premium
Google Vault
Google Workspace
Identity And Access Management
Incident Response
Kibana
Security Products
Two-Factor Authentication

What the Team is Saying

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Columbia, MD
450 Employees
Remote Workplace
Year Founded: 2015

What We Do

Huntress is the enterprise-grade, people-powered cybersecurity solution for businesses of all sizes. With fully owned technology developed by and for its industry-defining team of security analysts, engineers, and researchers, Huntress elevates underresourced tech teams whether they work within outsourced environments (OIS) or in-house IT and security teams (IIS).

Why Work With Us

We're not just protecting businesses; we're preserving dreams, securing livelihoods, and proving to hackers that it’s more rewarding to be a force for good. We work with the best of the best, an elite team of humans who know how to own their work, elevate those around them, and consistently ship their best work.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Huntress Teams

Team
Cybersecurity for the 99 percent
About our Teams

Huntress Offices

Remote Workspace

Employees work remotely.

We believe in hiring the best people regardless of location or time zone. We currently hire individuals in the US, Canada, the UK, Ireland, and Australia.

Typical time on-site: None
HQColumbia, MD
Austin, TX
Boston, MA
Chicago, IL
Denver, CO
Los Angeles, CA
New York, NY
San Francisco, CA
Seattle, WA
Learn more

Similar Jobs

Easy Apply
Remote
US
450 Employees

Huntress Logo Huntress

Channel Account Manager I

Information Technology • Cybersecurity
Easy Apply
Remote
US
450 Employees

Huntress Logo Huntress

Sales Engineer - Mid-Market

Information Technology • Cybersecurity
Easy Apply
Remote
US
450 Employees

Huntress Logo Huntress

Software Engineer, Core Platform (Ruby/Rails)

Information Technology • Cybersecurity
Easy Apply
Remote
US
450 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account