Senior Security Researcher

Who we are

Our mission is to help developers and AppSec teams spend more time accelerating development and less time dealing with security issues. Watch our 3-minute pitch from our Founder & CEO here: https://www.youtube.com/watch?v=B0wmZBcPkFE

Endor Labs has been recognized as a Gartner Cool Vendor, an RSA Innovation Sandbox finalist, and a Black Hat Innovation Spotlight finalist, all in its first year from launch.

The company was founded by Varun Badhwar and Dimitri Stiliadis, who have created multiple category-defining cloud security companies. We have raised $70M in Series A funding and assembled a team of the world’s leading static analysis experts and enterprise software veterans to increase developer productivity and open source software adoption.

What you’ll do

  • The primary tasks of this position relate to the detection, triage, and analysis of malicious open source software components — identifying threats across public package ecosystems (npm, PyPI, Maven, etc.) and assessing their scope, intent, and impact.
  • Day-to-day work includes triaging and assessing incoming malware alerts, reviewing Indicators of Compromise (IoCs), and maintaining threat campaign records to track attacker infrastructure, tactics, and patterns over time.
  • A core responsibility is the in-depth technical analysis of suspicious packages: reverse-engineering obfuscated code, identifying malicious behaviors (exfiltration, backdoors, dependency confusion, typosquatting, etc.), and producing detailed internal assessments.
  • You will author and publish external-facing content — blog posts, technical write-ups, and security advisories — communicating findings clearly to both technical and non-technical audiences, and contributing to the broader security community's awareness of emerging threats.
  • You will collaborate with internal teams to feed findings into detection pipelines, enrich our vulnerability and threat database, and help improve automated detection coverage over time.

What we're looking for

  • Bachelor's degree in engineering or a related field, with at least 3 years of hands-on professional experience specifically in malware analysis, threat intelligence, or open source package security
  • Demonstrated experience triaging security alerts at scale and working within or alongside a SOC or threat intelligence team
  • Hands-on experience reviewing and interpreting IoCs (file hashes, domains, IPs, behavioral signatures) and maintaining threat campaign tracking
  • Proficiency in reading and analyzing code across multiple languages (Python, JavaScript/TypeScript, Java, Go) — including obfuscated or minified code
  • Experience producing external security communications: blog posts, advisories, or technical reports intended for a public or customer-facing audience
  • Understanding of package manager ecosystems and common attack patterns (typosquatting, dependency confusion, malicious install scripts, etc.)

Nice to have

  • Experience contributing to or operating threat intelligence platforms or malware databases
  • Familiarity with static and dynamic analysis tooling (sandboxes, YARA rules, SAST tools)
  • Understanding of software supply chain security standards and frameworks (SLSA, SSDF, etc.)
  • Prior public research, CVE credits, or published malware findings
  • Security certifications such as GREM (GIAC Reverse Engineering Malware) or equivalent

At Endor Labs, we:

  • Strive for excellence in everything we do, prioritizing quality, speed, and impactful outcomes.
  • Engage in first principles thinking to debate ideas, test assumptions, and make decisions.
  • Put data above opinions, seeking truth and clarity in all our endeavors.
  • Embrace a culture of feedback and continuous improvement, assuming good intent in all interactions.
  • Celebrate wins as a team, understanding that our collective success is intertwined with the success of our customers.