Senior Security Researcher

At ReversingLabs, our software supply chain security and threat intelligence solutions have become essential to advancing cybersecurity maturity around the globe. We're on a journey to expand adoption and accelerate growth by hiring top talent across the security industry.

Notable breaches such as SolarWinds, CircleCI, and 3CX have elevated software supply chain security as a top initiative across every organization developing or purchasing software. Only ReversingLabs delivers the software package analysis speed and intelligence needed to protect against this critical risk area.

Our vision is clear. Arming every company with end-to-end insights to ensure development releases securely, IT purchases safely, and the SOC can effectively detect, isolate, and respond. We seek extraordinary talent for this game-changing opportunity to help forge this transformational journey at ReversingLabs.

The Senior Security Researcher plays a central role in shaping the quality and direction of ReversingLabs' detection capabilities and product intelligence. Working across security research, product, and engineering, this person drives continuous improvement, uncovering opportunities to strengthen our detection logic, elevating the value of our data sources, and translating frontline threat knowledge into product outcomes that keep our customers ahead of attackers.

A key forward-looking dimension of this role is exploring how large language models can augment analyst workflows, improve detection quality, and accelerate threat research. This person will work on ReversingLabs' AI efforts, working hands-on to design and evaluate AI-powered capabilities within our product ecosystem.

Key Responsibilities

Security Research & Threat Intelligence

• Analyze and dissect malware campaigns and attacker tooling to extract actionable intelligence and inform detection strategy.
• Track emerging threats, vulnerability disclosures, and attacker techniques; translate findings into detection improvements and internal threat intelligence reports.
• Work closely with fellow researchers to build shared understanding of current threat landscapes and feed insights into product and detection roadmaps.

Detection Research & Development

• Research and develop new detection methods, including YARA rules and AI assisted tools
• Investigate evasion techniques and contribute to anti-evasion controls in our analysis pipeline.
• Evaluate open-source and third-party tools for potential integration into the ReversingLabs platform.

AI-Augmented Security Research (Preferred Growth Area)

• Research and develop AI-powered capabilities to transform security workflows, with a focus on scaling human expertise through advanced automation and reasoning models.
• Develop and evaluate pipelines that streamline complex analysis tasks and accelerate the synthesis of technical threat data into actionable outcomes.
• Advance the use of AI for detection augmentation, leveraging generative and discriminative models to enhance pattern recognition and threat categorization at scale.

Requirements

Core Security Experience

• 6–8 years of experience in cybersecurity, with a strong foundation in malware analysis and threat research.
• Hands-on expertise in static and dynamic analysis techniques; familiarity with tools such as IDA Pro, OllyDbg, Wireshark, and YARA.
• Solid understanding of network protocols, OS internals, and attacker tradecraft.
• Programming proficiency in Python; experience with C/C++ or Assembly is a plus.
• Experience with virtualization, sandboxing, and automated analysis environments.

Research & Collaboration

• Ability to self-direct research, synthesize complex findings, and communicate them clearly to technical and non-technical audiences.
• Collaborative mindset, comfortable working across engineering, product, and research functions.
• Strong analytical and problem-solving skills; ability to reason about signal quality and detection effectiveness

AI & Automation Skills (Clearly Preferred, Not Required)

• Familiarity with large language models (LLMs) and their application in security contexts, e.g., for text analysis, code understanding, or workflow automation.
• Experience building or evaluating automation frameworks or LLM-powered workflows
• Understanding of prompt engineering, retrieval-augmented generation (RAG), or fine-tuning concepts as applied to domain-specific tasks.
• Prior work on AI-assisted detection or ML-based classifiers in a security product context is a strong differentiator.

Education & Certifications

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
• Relevant certifications (OSCP, GREM, CISSP) are desirable but not required.

Benefits

• On-site, hybrid, and remote work as options (paid accommodation and transportation to Zagreb during onboarding for remote employees), and flexible working hours
• Generous compensation and a bonus system based on annual performance
• Permanent contract with a fast-growing global company with Fortune 500 and government agencies as clients
• Opportunity to work on innovative solutions in malware analysis & software supply chain security, crafted in our very own Croatian R&D center
• Great career advancement opportunities – clear goals and internal promotions
• Company library and the possibility of ordering books of choice via Amazon
• Employee referral bonus program: EUR 1,060 net for junior positions, EUR 2,123 net for mid to senior positions, and EUR 2,654 net for principal/managerial positions
• Multisport card, annual health checkup, newborn child allowance, rent-cost, and 3rd pillar pension benefits
• Wellness Weekends – quarterly, company-wide three-day weekend, starting with a company-paid Friday off for all employees
• Fully covered car garage in Radnička cesta for all employees

#LI-MV1