Chargement en cours
Postuler

Security Researcher Mid-level

PARIS, 75
il y a 1 jour

We are seeking a Security Researcher – Mid-level to join Escape and play a central role in advancing the detection capabilities of our DAST and ASM products.

This is an applied security role: think web pentester with strong coding skills . Your mission is to turn offensive security knowledge into scalable, production‑grade detection logic.

You will focus on discovering new vulnerability detection techniques, improving existing algorithms, and ensuring Escape remains best‑in‑class in terms of accuracy, performance, and real‑world relevance.

As part of the Security Research team, you will transform security insights and exploitation techniques into concrete detection logic that runs at scale in production. Your work will directly shape the effectiveness of Escape’s scanners and have a measurable impact on customer security outcomes.

Context

  • Location : Paris (75002), 2 days remote/week

  • Company : Escape – Leading AI Cybersecurity Startup

  • Cofounders : CEO (Tristan Kalos ) and CTO (Antoine Carossio )

  • Engineering Team : 15 Engineers, 4 Technical Leads, 1 Product Owner

  • Team Size : You’ll be working in a close‑knit team of 3 outstanding engineers under the supervision of a technical lead

Key Responsibilities

  • Vulnerability Research: Identify new classes of vulnerabilities across web applications, APIs, and modern architectures, and reproduce real‑world exploitation techniques.

  • From Exploit to Detection: Translate manual attack techniques into scalable automated detection logic, designing payload strategies and validation heuristics.

  • Algorithm Design & Improvement: Continuously improve detection algorithms with a strong focus on accuracy, signal quality, and reduction of false positives and false negatives.

  • Applied R&D: Turn research ideas into practical, production‑ready detection logic suitable for large‑scale automated scanning.

  • Performance & Accuracy Focus: Optimize trade‑offs between coverage, noise, scan duration, and infrastructure cost to ensure scanners remain efficient at scale.

  • Cross‑Team Collaboration: Work closely with Scanners and Platform teams to integrate research outputs into distributed production systems.

  • Technology Watch: Monitor emerging vulnerabilities, CVEs, and offensive research to continuously raise Escape’s detection capabilities.

Tech Stack

  • Languages: Compiled languages (Go, Rust), scripting languages (Python) for prototyping

  • Research Focus: Vulnerability discovery, detection algorithms, and performance‑oriented analysis

  • Execution Context: Research outputs integrated into large‑scale automated scanners

  • Collaboration Surface: Close interaction with production systems and distributed scanning workloads

  • Engineering Focus: Accuracy, performance, and applicability of detection logic at scale

Perks

  • Significant equity (Stock Options/BSCPE) : making you a true stakeholder in our success.

  • Top‑tier health insurance with Alan .

  • Meal vouchers with Swile .

  • Sport subscription with EGYM Wellpass (ex Gymlib) .

  • Access to books and online courses to help you excel in your role.

  • Top‑tier equipment to do your best work.

  • Free time to work on cool Open Source Projects.

  • Opportunities to present research and engineering work at international conferences like RSAC , BSides , BlackHat , DEFCON , APIDays (New York, Las Vegas, San Francisco, London, Paris, Berlin, Barcelona).

Qualifications

  • Experience: 3–5 years in security research, pentesting, offensive security, or an R&D‑oriented engineering role, ideally in an applied or product‑driven environment.

  • Web Security Foundation: Solid hands‑on expertise in web and API security (OWASP Top 10 and beyond), with the ability to understand and reproduce real‑world vulnerabilities.

  • Computer Science Fundamentals: Strong understanding of core computer science concepts (networking, systems, concurrency, parsing, etc.) enabling structured reasoning and debugging.

  • Compiled Languages: Comfortable writing production‑grade code in at least one compiled language such as Go, Rust, or C/C++. Ability to prototype in scripting languages like Python.

  • Applied Mindset: Ability to turn security insights or exploitation techniques into concrete detection logic with measurable impact.

  • Collaboration Skills: Comfortable working closely with backend engineers to integrate detection logic into scalable production systems.

  • Curiosity & Rigor: Analytical mindset, intellectual curiosity, and attention to detail, with high standards for correctness and signal quality.

We respect your time and will make it quick and efficient. The entire process will be completed within 1 week.

Entreprise
Escape
Plateforme de publication
WHATJOBS
Offres pouvant vous intéresser
Lead Security Researcher
PARIS, 75
il y a 24 jours
Lead Software Engineer (Backend Platform & Security Scanners)
PARIS, 75
il y a 7 heures
Lead Security Researcher – Scalable Detection & R&D
PARIS, 75
il y a 24 jours
Penetration tester 5G
PARIS, 75
il y a 24 jours
Soyez le premier à postuler aux nouvelles offres
Pas intéressé En savoir plus
Soyez le premier à postuler aux nouvelles offres
Créez gratuitement et simplement une alerte pour être averti de l’ajout de nouvelles offres correspondant à vos attentes.
* Champs obligatoires
Ex: boulanger, comptable ou infirmière
Pas intéressé
Alerte crée avec succès
Fermer