Product Security Research Engineer

Title: Product Security Research Engineer
Job Type: Contract
Contract Length: 1.5 months
Pay Range: $70-95/hr
Start Date: ASAP
Location: Remote

About the Opportunity:

Our client, a leader in Enterprise Software and Hybrid-Cloud solutions, is looking for a skilled Product Security Research Engineer to join their team for a 1.5 months engagement. This project involves focusing on the proactive discovery and technical validation of complex attack paths within the product ecosystem and leveraging AI-driven engineering to stay ahead of sophisticated threats. This is a high-impact role that requires a self-motivated professional who can hit the ground running and deliver results quickly.


Key Responsibilities & Deliverables:

This role is focused on the successful completion of specific tasks and deliverables. Your responsibilities will include:

• Attack Path Discovery: Partner with Security Architects to identify and technically validate potential exploit sequences. You will engineer proofs-of-concept to demonstrate how individual vulnerabilities can be linked to create significant product exposure.
• Impact Analysis: Perform deep-dive technical research to determine the exact “blast radius” of a vulnerability. You will be responsible for identifying exactly which products and versions are impacted and what specific data or services are at risk.
• Proactive Defense: Translate offensive research into preventative measures, providing Engineering teams with the technical evidence and architectural guidance needed to implement robust, long-term mitigations.
• AI-Enhanced Security Engineering: Explore and implement AI-driven automation to enhance our discovery and analysis capabilities. You will use emerging technologies to scale the identification of complex vulnerability patterns across the stack.
• Technical Advocacy: Serve as a senior technical subject matter expert during high-stakes triage, helping stakeholders understand the practical reality of threat through evidence-based technical analysis and exploit modeling.

Required Skills & Experience:

We are looking for someone with a proven track record of successful contract engagements. The ideal candidate will have:

• 6+ years of experience in Product Security Engineering, Vulnerability Research, or Offensive Security, with a focus on deconstructing complex software systems.
• A talent for “Attack Path Thinking,” with the ability to look at a complex architecture and identify how a minor logic flaw could lead to a major compromise.
• A strong understanding of software vulnerabilities (logic flaws, memory corruption, auth bypasses) and how they manifest in cloud-native and hybrid-cloud environments.
• Experience or a strong interest in using AI-driven tools to scale security engineering and automate the discovery of sophisticated vulnerability patterns.
• An ability to work as a peer with Architects and Developers, using technical data and research to build consensus on remediation paths.
• Demonstrated ability to work autonomously and manage your own time effectively to meet project goals.

Bonus:

• Experience with reverse engineering or high-level exploit development in a research-focused environment.
• Familiarity with “Graph-based” security analysis (mapping relationships between assets, permissions, and vulnerabilities).
• Contributions to the security community, such as tool development, technical whitepapers, or responsibly disclosed CVEs.

• W2 only (No C2C or 1099 contractors)

#LI-SB1