Security Research Engineer Jobs (NOW HIRING)

Security Research Engineer

New York, NY · On-site

$120K - $175K/yr

We are seeking a Security Research Engineer to operate as a hybrid Forward Deployed Engineer and offensive security researcher. You'll be on the front lines of customer engagements - using our open ...

Security Research Engineer

Boston, MA · On-site

$135K - $195K/yr

Your Impact You'll join Cisco Talos, working as a Security Research Engineer focused on improving the threat detection and analysis capabilities of Cisco's comprehensive security portfolio. You'll ...

Security Research Engineer

Fulton, MD · On-site +1

$146K - $214K/yr

If you enjoy vulnerability research, crash analysis, reverse engineering, and researching new techniques and writing tools to automate these tasks, this job is for you! Your Impact * Security ...

Security Research Engineer

OR · On-site +1

$146K - $214K/yr

If you enjoy vulnerability research, crash analysis, reverse engineering, and researching new techniques and writing tools to automate these tasks, this job is for you! Your Impact * Security ...

Security Research Engineer

Fulton, MD · On-site +1

$146K - $214K/yr

If you enjoy vulnerability research, crash analysis, reverse engineering, and researching new techniques and writing tools to automate these tasks, this job is for you! Your Impact * Security ...

Security Research Engineer

San Jose, CA · On-site

$152K - $219K/yr

Your Impact You'll join Cisco Talos, working as a Security Research Engineer focused on improving the threat detection and analysis capabilities of Cisco's comprehensive security portfolio. You'll ...

Security Research Engineer

Fulton, MD · On-site +1

$146K - $214K/yr

If you enjoy vulnerability research, crash analysis, reverse engineering, and researching new techniques and writing tools to automate these tasks, this job is for you! Your Impact * Security ...

We are looking for an experienced Security Researcher to join a cutting-edge cybersecurity team ... Analyze, reverse engineer, and investigate malware, vulnerabilities, and malicious software ...

Security Research Engineer information

$61.5K

$152.8K

$205.5K

How much do security research engineer jobs pay per year?

As of Jun 5, 2026, the average yearly pay for a security research engineer in the United States is $152,773.00, according to ZipRecruiter salary data. Most workers in this role earn between $143,000.00 and $158,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Security Research Engineer, and why are they important?

To thrive as a Security Research Engineer, you need a strong understanding of cybersecurity principles, programming languages (such as Python or C/C++), and vulnerability analysis, typically backed by a degree in computer science or a related field. Familiarity with security tools like IDA Pro, Wireshark, and Metasploit, and certifications such as OSCP or CEH, are commonly required. Analytical thinking, problem-solving, and effective communication help you stand out in this role. These skills and qualities are essential for identifying threats, communicating findings, and developing robust security solutions in a constantly evolving cyber landscape.

What are common challenges faced by Security Research Engineers when analyzing emerging threats?

Security Research Engineers often encounter rapidly evolving attack techniques and must stay ahead of sophisticated threat actors. Keeping up with new malware variants, zero-day vulnerabilities, and advanced persistent threats requires continuous learning and adaptability. Additionally, collaborating with cross-functional teams, such as incident response and product development, is essential to develop effective countermeasures. The dynamic nature of cyber threats means that priorities can shift quickly, making time management and clear communication critical skills in this role.

What does a Security Research Engineer do?

A Security Research Engineer is responsible for identifying, analyzing, and mitigating security vulnerabilities in software, hardware, or network systems. They conduct security assessments, develop tools to test systems, and stay updated on the latest threats and attack techniques. Their work often involves reverse engineering, vulnerability discovery, and collaborating with other teams to enhance overall security. Security Research Engineers play a key role in protecting organizations from cyber threats by providing technical expertise and developing innovative defensive measures.

What is the difference between a Security Research Engineer and a Security Analyst?

| Aspect | Security Research Engineer | Security Analyst |
| --- | --- | --- |
| Credentials | Bachelor's or higher in CS, cybersecurity certifications (e.g., CISSP, CEH) | Bachelor's in CS, cybersecurity certifications often preferred |
| Work Environment | Research labs, development teams, security firms | Security operations centers, corporate IT teams |
| Industry Usage | Technology, cybersecurity firms, research institutions | Financial, healthcare, corporate sectors |
| Primary Focus | Developing new security tools, discovering vulnerabilities | Monitoring, incident response, risk assessment |

While both roles focus on cybersecurity, Security Research Engineers primarily develop new security solutions and discover vulnerabilities, whereas Security Analysts monitor systems and respond to security incidents. The roles often overlap but differ in their core responsibilities and work environments.

More about Security Research Engineer jobs
What states have the most Security Research Engineer jobs? States with the most job openings for Security Research Engineer jobs include:
Infographic showing various Security Research Engineer job openings in the United States as of May 2026, with employment types broken down into 77% Full Time and 23% Contract. Highlights a 100% In-person job distribution, with an average salary of $152,773 per year, or $73.4 per hour.

Security Research Engineer

Pensar

New York, NY • On-site

$120K - $175K/yr

Full-time

Medical, Dental, Vision

Posted 2 days ago


Job description

We are seeking a Security Research Engineer to operate as a hybrid Forward Deployed Engineer and offensive security researcher. You'll be on the front lines of customer engagements - using our open source tool Apex to run pentests, curate and present findings, and stand up our platform inside customer environments. In parallel, you'll drive original offensive and open source security research, and feed everything you learn in the field back into the product so Pensar keeps getting sharper as a pentesting platform.
This role is customer-facing by design. The ideal candidate is equally comfortable in a terminal popping shells with Apex, on a Zoom with a CISO walking through findings, and in a design review arguing for the next product capability.
Key Responsibilities
Customer Engagements & Forward Deployed Work
  • Run end-to-end pentest engagements for customers using Apex, our open source offensive security tool
  • Curate, triage, and contextualize findings for customer audiences ranging from engineers to executives
  • Deliver clear, prioritized write-ups and walk customers through results, exploitation paths, and remediation
  • Set up and configure the Pensar platform inside customer environments, including integrations and workflows
  • Act as a trusted technical partner for customers throughout onboarding, engagements, and ongoing usage
  • Travel to customer sites as needed for kickoffs, readouts, and on-site testing
Offensive Security Research
  • Conduct original offensive security research across web, cloud, infrastructure, and AI/LLM attack surfaces
  • Develop new exploitation techniques, payloads, and tooling that extend Apex's capabilities
  • Build automated testing methodologies for emerging vulnerability classes and attacker tradecraft
  • Track the evolving threat landscape and translate it into concrete detections and capabilities
Open Source Security Research
  • Lead vulnerability research across high-impact open source projects and ecosystems
  • Verify findings, build proof-of-concept exploits, and coordinate responsible disclosure with maintainers
  • Contribute patches, advisories, and tooling back to the open source community
  • Grow Pensar's reputation in the security research community through publications, talks, and contributions
Product Feedback & Pentesting Roadmap
  • Translate firsthand engagement experience into concrete recommendations for the product roadmap
  • Partner with engineering and product on capabilities, UX, and automation that make pentesting faster and more reliable
  • Participate in architecture and design reviews with a focus on the pentester's workflow
  • Help shape Apex's direction as an open source project alongside the internal platform
Compensation
  • Base salary: $120,000 - $175,000 per year, depending on experience
  • Meaningful equity in an early-stage offensive security company
  • Final offers calibrated to depth of offensive security experience, the breadth of your research record, and the level you join at
Reports To
CEO / CTO
We are an equal opportunity employer committed to diversity and inclusion. We welcome applications from all qualified candidates regardless of race, gender, age, religion, sexual orientation, or disability status.
Requirements
  • 5+ years of experience in offensive security, pentesting, red teaming, or vulnerability research
  • Strong programming skills in multiple languages (Python, Go, JavaScript, C/C++)
  • Deep, hands-on understanding of modern vulnerability classes across web, cloud, and infrastructure
  • Proven track record of running pentest engagements end-to-end and delivering findings to customers
  • Excellent customer-facing communication skills - comfortable presenting to both engineers and executives
  • Experience contributing to or maintaining open source security tooling
  • Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience
Preferred Qualifications
  • Experience with AI/LLM-assisted offensive security or building security automation on top of LLMs
  • Prior Forward Deployed Engineer, solutions engineering, or consulting experience at a security or developer tools company
  • Security certifications (OSCP, OSCE, OSWE, GXPN, or equivalent)
  • Public security research, CVEs, conference talks, or notable open source contributions
  • Experience with cloud security (AWS, GCP, Azure) and containerized environments
  • Familiarity with compliance frameworks (SOC 2, ISO 27001, PCI DSS) as they relate to pentesting

Benefits
  • Comprehensive health, dental, and vision insurance
  • Direct ownership of customer engagements and offensive research at an early-stage security company
  • Professional development budget for conferences, training, and certifications
  • Support for publishing research and presenting at industry conferences
  • Direct, visible impact on both our open source tooling and commercial platform