Principal Product Researcher - Linux
Remote US
Reports to: Director, Product Research
Location: Remote US
Compensation Range: $200,000 to $220,000 base plus bonus and equity
What We Do:
Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Whether creating purpose-built security solutions, hunting down hackers, or impacting our community, our people go above and beyond to change the security game and make a real difference.
Founded in 2015 by former NSA cyber operators, Huntress protects all businesses—not just the 1%—with enterprise-grade, fully owned, and managed cybersecurity products at the price of an affordable SaaS application. The Huntress difference is our One Team advantage: our technology is designed with our industry-defining Security Operations Center (SOC) in mind and is never separated from our service.
We protect 3M+ endpoints and 1M+ identities worldwide, elevating underresourced IT teams with protection that works as hard as they do. As long as hackers keep hacking, Huntress keeps hunting.
What You’ll Do:
Do you like getting into the weeds on all things technical, psychological, and educational and have a desire to know how things work? Then this is the position for you. We are looking for that jack of all trades who brings broad experience to each challenge presented. The Huntress Security team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. As a Product Security Researcher, we’re looking for someone who wants to pour all of their creativity into building and implementing simple solutions that are disproportionately effective at countering these constantly evolving threats. Competitive candidates have experience managing, deploying, and securing growing business environments utilizing a wide variety of security software, best practices, and automation tools. Familiarity with product management, incident response, social engineering, psychology, education, and managed service provider tools are additional ways to differentiate yourself.
As you can imagine, success doesn’t happen in a vacuum. An effective Security Researcher fosters highly collaborative environments between the Product, Engineering, and Security teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision that ultimately delivers our most impactful features and capabilities.
We defend over 3.5M endpoints across 100,000+ mid-sized and small business customers, and that number continues to grow each month. Considering this market’s tighter budget, it’s not financially possible to dedicate human analysts to each client. The Security Operations team addresses this challenge head-on by building and scaling highly automated efficiencies—often lightly augmented by our SOC — that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.
Responsibilities:
- Lead the security Capabilities we bring to market, owning the layered defense strategy gained by combining multiple log sources
- Investigate Linux endpoint compromise to understand, document & combat attacker behavior
- Test attack paths. Hunt and solve for exploitation of vulnerabilities and misconfigurations
- Hack to FIX things. Know how to break in and devise innovative fixes. Discover how to protect against attacks
- Test exploitation of vulnerabilities, misconfigurations, and attack paths that result in developing reliable and weaponized Proof-of-Concept (PoC) exploits for identified vulnerabilities
- Identify and prototype telemetry data that can be leveraged within Huntress to expand current prevention, hardening, and detection capabilities
- Analyze and reverse engineer software to discover security weaknesses and undocumented features
- Distinguish between suspicious and malicious events to reach the highest accuracy true positive rate
- Conduct research and development efforts to further threat detection and security posture
- Document research findings through technical write-ups, advisories, internal reports, and blogs
- Identify improvement opportunities in existing product features and explore new ones based on feedback from partners, prospects, peers, and industry publications.
- Coordinate with Security, Product, and Engineering teams to integrate and operationalize solutions you develop.
- Own & nurture the cross-department relationships critical to successful product delivery & launch
- Proven organizational and program management skills, with keen attention to detail and a sense of urgency to deliver an exceptional product under tight deadline pressures
- Eagerness to engage, report, and be accountable to executive stakeholders
- Passion to translate your expertise in nontechnical ways to deliver impactful security outcomes that protect the 99%
- Promote Huntress’ reputation through media interaction, public speaking, and blogs
- Educate the public on how to be security savvy in novel and fun ways
What You Bring To The Team:
- Expert knowledge of Linux distributions, eBPF, kernel modules, and audit frameworks
- Experience bypassing Linux EDR
- Experience building exploit proofs of concept (POC)
- Expert knowledge of Linux vulnerabilities & threats with the ability to emulate attacks
- Expert knowledge of Linux logs
- Expert knowledge of multi-tenant environments, especially supporting MSPs
- Linux systems administration knowledge
- Docker, Kubernetes knowledge
- Experience with conducting searches and creating visualizations in Elastic and Kibana is a plus
- Innovator builder mindset – you are not afraid to build in the open and share the ugly early versions of your work using feedback to iterate your research & learning
Desired:
- Experienced Cyber Network Operator, Computer Network Operator, Cyber Technical Operator Targeter or other similar career fields
- Red team experience, coursework, training, certifications
- Passion for the MSP community
- Security conference presenter
- Security community educator & advocate
What We Offer:
- 100% remote work environment - since our founding in 2015
- Generous paid time off policy, including vacation, sick time, and paid holidays
- 12 weeks of paid parental leave
- Highly competitive and comprehensive medical, dental, and vision benefits plans
- 401(k) with a 5% contribution regardless of employee contribution
- Life and Disability insurance plans
- Stock options for all full-time employees
- One-time $500 reimbursement for building/upgrading home office
- Annual allowance for education and professional development assistance
- $75 USD/month digital reimbursement
- Access to the BetterUp platform for coaching, personal, and professional growth
Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.
We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.
We do discriminate against hackers who try to exploit small businesses.
Accommodations:
If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com. Please note that non-accommodation requests to this inbox will not receive a response.
If you have questions about your personal data privacy at Huntress, please visit our privacy page.
#BI-Remote
ApplyJob Profile
Fully remote
Benefits/Perks100% Remote 100% remote work 100% remote work environment Annual allowance Bonus Bonus and equity Comprehensive medical Comprehensive Medical, Dental, and Vision benefits Digital reimbursement Education and professional development assistance Equity Fully remote Fully remote work Generous paid time off Generous paid time off policy Life and Disability insurance Medical, dental, and vision benefits Paid holidays Paid parental leave Paid Time Off Parental leave Remote work Remote work environment Stock options Training
Tasks- Develop proof of concept exploits
- Identify improvement opportunities
- Investigate endpoint compromise
- Lead security capabilities
- Prototype telemetry data
- Test attack paths
Automation Automation tools Benefits Coaching Collaboration Creativity Cybersecurity Data privacy EDR Elastic Go Incident Response IT Linux Managed service provider tools MSP MSPs Operations Organizational Product Management Product research Psychology Research SaaS Security Security Operations Security software SOC Social Engineering Technical Technical Documentation Technology Threat Detection Training Vulnerability assessment
Experience5 years
EducationCybersecurity Engineering Psychology
TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9