Security Research Engineer - Security Testing

at Wallarm. API & App Security Integrated
  • Remote - Worldwide

Remote

Cybersecurity

Mid-level

Job description

Description

Short facts about us:

  • We are a global remote-first team of 100+ people on 4 continents and in 10+ countries.

  • We have been protecting our clients since 2014.

  • The company has raised over $10M in investments.

  • More than 200 customers around the world, including Fortune 500, Nasdaq, and high-growth startups choose Wallarm to protect their API and web applications.

  • The company passed Y Combinator, the most prestigious incubator in Silicon Valley, from which Dropbox, Stripe, Docker, etc. came out.

Our product:

Wallarm API security solutions provide proven performance to support innovative companies serving millions of users and billions of API requests per month. Hundreds of Security and DevOps teams globally use Wallarm daily to:

  1. Discover. See every asset across your entire attack surface—from cloud environments to every API endpoint with auto-discovery capabilities.

  2. Protect. A single suite that goes beyond OWASP Top 10 for full coverage for API specific threats, account takeover, malicious bots, L7 DDoS, and more.

  3. Respond. Streamline incident response with complete visibility, smart triggers, and active threat verification.

  4. Test. Automate security testing of your APIs and web assets. Prioritize remediation for every asset, in every environment.

About the role:

As a Security Research Engineer for our Security Testing Product, you will drive innovation in API security by researching, designing, and developing advanced testing capabilities. You will collaborate with engineering teams to identify and address emerging threats, ensuring our solutions remain at the forefront of the industry. This role requires deep technical expertise, a passion for security research, and the ability to translate complex vulnerabilities into actionable solutions.

Key Responsibilities:

  • Security Research: Investigate emerging API threats, vulnerabilities, and attack vectors (e.g., OWASP API Top 10) to enhance our security testing capabilities.

  • Feature Development: Design and implement new testing features, such as automated vulnerability scanning and API-specific threat detection, in collaboration with developers.

  • Technical Leadership: Define technical requirements for complex security features and guide their implementation.

  • Threat Analysis: Analyze industry trends, competitor offerings, and real-world attack patterns to inform product enhancements.

  • Collaboration: Work closely with engineering, product, and customer success teams to integrate security best practices (e.g., OWASP API Top 10) into our solutions.

  • Innovation: Propose and prototype cutting-edge testing methodologies, including AI-driven or MLOps-based approaches to threat detection.

Requirements

Must-Have Skills:

  • Proven experience as a Security Engineer, Security Researcher, or similar role in the security domain (e.g., SAST/DAST, Vulnerability Management, or API security).

  • Strong understanding of API protocols such as JSON-API, GraphQL, XML-RPC, JSON-RPC, OData, gRPC, WebSocket, SOAP, and others.

  • Expertise in application security concepts (e.g., OWASP Top 10, OWASP API Top 10) and vulnerability exploitation techniques.

  • Past experience in automation for security testing tools and pentests.

  • Knowledge of Secure Software Development Lifecycle (SSDLC) and integrating security solutions into CI/CD pipelines.

  • Excellent communication skills to articulate complex security concepts to technical and non-technical stakeholders.

Nice-to-Have Skills:

  • Expertise in API-specific attacks or participation in vulnerability assessments (e.g., bug bounty programs).

  • Proficiency in programming languages like Python, Go, or Ruby for scripting and tool development.

  • Familiarity with MLOps practices or AI-driven approaches to threat detection.

What we offer:

  • Ability to work on a product that makes the Internet safer

  • Completely remote work and flexible working hours

  • Competitive salary and bonuses

  • Paid days off

  • Medical insurance

  • Working equipment

  • Professional development and career growth

Join us in building cutting-edge solutions that empower businesses to secure their APIs and web applications against ever-evolving threats!

Share this job:
Please let Wallarm. API & App Security Integrated know you found this job on Remote First Jobs 🙏
Wallarm. API & App Security Integrated logo

Wallarm. API & App Security Integrated

  • 13 remote jobs

Latest Jobs at Wallarm. API & App Security Integrated

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply