Senior Security Researcher (Pune)
Senior Security Researcher (Pune)
-
Pune, India -
Posted: less than a week ago
-
Save -
Share
Description
Point Wild helps customers monitor, manage, and protect against the risks associated with their identities and personal information in a digital world. Backed by WndrCo, Warburg Pincus and General Catalyst, Point Wild is dedicated to creating the world's most comprehensive portfolio of industry-leading cybersecurity solutions. Our vision is to become THE go-to resource for every cyber protection need individuals may face
- today and in the future. Join us for the ride! About the Role You'll own the detection pipeline end-to-end for our software supply chain security platform, catching malicious packages and compromised CI/CD pipelines before they reach production systems. This hands-on role involves designing detection systems, hunting threats, disclosing vulnerabilities, and publishing research that protects customers and establishes our voice in the security community. You'll work directly with detection systems that scan open-source packages at scale and turn findings into actionable intelligence. What You'll Do
- Design systems that scan open-source packages (npm, PyPI, RubyGems, Maven, crates.io, Go modules, GitHub Actions, container images) for malicious behavior at scale
- Hunt novel malicious packages, typosquats, dependency confusion attempts, compromised maintainers, and CI/CD abuse patterns
- Coordinate with maintainers, foundations, and registries to file CVEs and work with GitHub Security Advisories and OSV schema
- Build internal tooling using static analysis and AI models to triage findings, summarize package diffs, and cluster related campaigns
- Publish technically rigorous blog posts for every significant finding that establish thought leadership and drive community engagement
- Tune detection signals, reduce false positives, and develop countermeasures against evolving sandbox evasion techniques What We're Looking For
- 4+ years of security research experience with published CVEs, GHSAs, or equivalent advisories with your name on them
- Deep expertise in multiple vulnerability classes including malicious packages, RCE, prototype pollution, deserialization, SSRF, auth bypasses, and CI/CD attack paths
- Experience designing and operating detection, scanning, or analysis pipelines at scale that run continuously and produce actionable signal
- Strong programming skills in TypeScript, Python, Go, or Rust with ability to read code across multiple languages (JavaScript, Ruby, Java, PHP)
- Proven track record of writing high-quality technical blog posts quickly and hands-on experience using LLMs as research tools Bonus Points
- Contributions to OpenSSF, OSV, Sigstore, SLSA, or adjacent open source security projects
- Reverse engineering experience with obfuscated JavaScript droppers, packed binaries, or malicious post-install scripts
- Conference speaking experience at DEF CON, Black Hat, BSides, OffensiveCon, or Kaspersky SAS As part of Point Wild, you will: Solve real customer problems. Point Wild's point solutions allow consumers to address their immediate cyber protection needs. Our mandate is to continuously anticipate our customers' evolving digital security needs to create best-in-class solutions aimed at keeping them safe. See your impact. We are a scrappy, nimble organization where individual contributions are needed and valued. You will see your impact every day. Accelerate your career. As we expand, you will have the prospect to learn new technologies, products, and markets in a fast-paced, growth-oriented environment. Most importantly, you'll get to work with other talented people at a company where people matter. If you want to put your fingerprint on an organization and leapfrog your growth, this is the place for you. In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. Above and beyond discrimination or harassment based on "protected categories," Point Wild is committed to being an inclusive community where all feel welcome. Whether blatant or hidden, barriers to success have no place at Point Wild. Important privacy information for United States based job applicants can be found here. Apply on Kit Job: kitjob.in/job/4miifd
- today and in the future. Join us for the ride! About the Role You'll own the detection pipeline end-to-end for our software supply chain security platform, catching malicious packages and compromised CI/CD pipelines before they reach production systems. This hands-on role involves designing detection systems, hunting threats, disclosing vulnerabilities, and publishing research that protects customers and establishes our voice in the security community. You'll work directly with detection systems that scan open-source packages at scale and turn findings into actionable intelligence. What You'll Do
- Design systems that scan open-source packages (npm, PyPI, RubyGems, Maven, crates.io, Go modules, GitHub Actions, container images) for malicious behavior at scale
- Hunt novel malicious packages, typosquats, dependency confusion attempts, compromised maintainers, and CI/CD abuse patterns
- Coordinate with maintainers, foundations, and registries to file CVEs and work with GitHub Security Advisories and OSV schema
- Build internal tooling using static analysis and AI models to triage findings, summarize package diffs, and cluster related campaigns
- Publish technically rigorous blog posts for every significant finding that establish thought leadership and drive community engagement
- Tune detection signals, reduce false positives, and develop countermeasures against evolving sandbox evasion techniques What We're Looking For
- 4+ years of security research experience with published CVEs, GHSAs, or equivalent advisories with your name on them
- Deep expertise in multiple vulnerability classes including malicious packages, RCE, prototype pollution, deserialization, SSRF, auth bypasses, and CI/CD attack paths
- Experience designing and operating detection, scanning, or analysis pipelines at scale that run continuously and produce actionable signal
- Strong programming skills in TypeScript, Python, Go, or Rust with ability to read code across multiple languages (JavaScript, Ruby, Java, PHP)
- Proven track record of writing high-quality technical blog posts quickly and hands-on experience using LLMs as research tools Bonus Points
- Contributions to OpenSSF, OSV, Sigstore, SLSA, or adjacent open source security projects
- Reverse engineering experience with obfuscated JavaScript droppers, packed binaries, or malicious post-install scripts
- Conference speaking experience at DEF CON, Black Hat, BSides, OffensiveCon, or Kaspersky SAS As part of Point Wild, you will: Solve real customer problems. Point Wild's point solutions allow consumers to address their immediate cyber protection needs. Our mandate is to continuously anticipate our customers' evolving digital security needs to create best-in-class solutions aimed at keeping them safe. See your impact. We are a scrappy, nimble organization where individual contributions are needed and valued. You will see your impact every day. Accelerate your career. As we expand, you will have the prospect to learn new technologies, products, and markets in a fast-paced, growth-oriented environment. Most importantly, you'll get to work with other talented people at a company where people matter. If you want to put your fingerprint on an organization and leapfrog your growth, this is the place for you. In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. Above and beyond discrimination or harassment based on "protected categories," Point Wild is committed to being an inclusive community where all feel welcome. Whether blatant or hidden, barriers to success have no place at Point Wild. Important privacy information for United States based job applicants can be found here. Apply on Kit Job: kitjob.in/job/4miifd
Highlights
-
Company namePoint Wild -
Job positionSenior Security Researcher (Pune)
-
Flag -
Block ad
Safety Tips
Be careful if you are offered a job on the spot.
Related searches
More info about this ad
Senior Security Researcher (Pune) has been posted in the Pune Education & Training category on Locanto.
If you’re still wanting to browse, there is so much to explore in the Education & Training category! Take a look at the ads Pune Institute of Applied Technology (PIAT), Pune, CodingGyan – Online Coding Courses & IT Training, Pune and Best Academy for NDA in Pune in Maharashtra, PUNE to discover more of what you’re looking for. Right now, there are 80 classified ads in Education & Training in Pune on Locanto.
You can find the Education & Training category under Jobs. Want something else? Check out the related categories BPO & KPO, Administrative & Support and Recruitment & HR Pune.
Interested in more? Widen your search to view ads in nearby areas of Pune. This includes Education & Training in Hadapsar, Pimpri-Chinchwad and Kalyani Nagar. There are more ads within a 15 km radius for this category. If you want to view those ads, click here.
