Senior Security Researcher

pointwild· Engineering
Apply Now ↗
📍 Pune, India

About this role

Point Wild helps customers monitor, manage, and protect against the risks associated with their identities and personal information in a digital world. Backed by WndrCo, Warburg Pincus and General Catalyst, Point Wild is dedicated to creating the world’s most comprehensive portfolio of industry-leading cybersecurity solutions. Our vision is to become THE go-to resource for every cyber protection need individuals may face - today and in the future. 

Join us for the ride!

About the Role

You'll own the detection pipeline end-to-end for our software supply chain security platform, catching malicious packages and compromised CI/CD pipelines before they reach production systems. This hands-on role involves designing detection systems, hunting threats, disclosing vulnerabilities, and publishing research that protects customers and establishes our voice in the security community. You'll work directly with detection systems that scan open-source packages at scale and turn findings into actionable intelligence.

What You'll Do

  • Design systems that scan open-source packages (npm, PyPI, RubyGems, Maven, crates.io, Go modules, GitHub Actions, container images) for malicious behavior at scale
  • Hunt novel malicious packages, typosquats, dependency confusion attempts, compromised maintainers, and CI/CD abuse patterns
  • Coordinate with maintainers, foundations, and registries to file CVEs and work with GitHub Security Advisories and OSV schema
  • Build internal tooling using static analysis and AI models to triage findings, summarize package diffs, and cluster related campaigns
  • Publish technically rigorous blog posts for every significant finding that establish thought leadership and drive community engagement
  • Tune detection signals, reduce false positives, and develop countermeasures against evolving sandbox evasion techniques

What We're Looking For

  • 4+ years of security research experience with published CVEs, GHSAs, or equivalent advisories with your name on them
  • Deep expertise in multiple vulnerability classes including malicious packages, RCE, prototype pollution, deserialization, SSRF, auth bypasses, and CI/CD attack paths
  • Experience designing and operating detection, scanning, or analysis pipelines at scale that run continuously and produce actionable signal
  • Strong programming skills in TypeScript, Python, Go, or Rust with ability to read code across multiple languages (JavaScript, Ruby, Java, PHP)
  • Proven track record of writing high-quality technical blog posts quickly and hands-on experience using LLMs as research tools

Bonus Points

  • Contributions to OpenSSF, OSV, Sigstore, SLSA, or adjacent open source security projects
  • Reverse engineering experience with obfuscated JavaScript droppers, packed binaries, or malicious post-install scripts
  • Conference speaking experience at DEF CON, Black Hat, BSides, OffensiveCon, or Kaspersky SAS

As part of Point Wild, you will:

Solve real customer problems. Point Wild’s point solutions allow consumers to address their immediate cyber protection needs. Our mandate is to continuously anticipate our customers’ evolving digital security needs to create best-in-class solutions aimed at keeping them safe.

See your impact. We are a scrappy, nimble organization where individual contributions are needed and valued. You will see your impact every day.

Accelerate your career.  As we expand, you will have the opportunity to learn new technologies, products, and markets in a fast-paced, growth-oriented environment.

Most importantly, you’ll get to work with other talented people at a company where people matter. If you want to put your fingerprint on an organization and leapfrog your growth, this is the place for you.

In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. Above and beyond discrimination or harassment based on “protected categories,” Point Wild is committed to being an inclusive community where all feel welcome. Whether blatant or hidden, barriers to success have no place at Point Wild.

Important privacy information for United States based job applicants can be found here.

 

Frequently Asked Questions

Is the salary disclosed for the Senior Security Researcher position at pointwild?
The salary for this Senior Security Researcher role at pointwild is not publicly listed. Click "Apply Now" to learn more about the compensation package on their official careers page.
Where is the Senior Security Researcher position at pointwild located?
This Senior Security Researcher role at pointwild is based in Pune, India. The position is listed as on-site or hybrid. Check the full job description or apply directly to confirm the work arrangement.
Which team or department does the Senior Security Researcher at pointwild belong to?
This Senior Security Researcher position is part of the Engineering department at pointwild. See the full job description for more information about the team structure and responsibilities.
How do I apply for the Senior Security Researcher position at pointwild?
Click the "Apply Now" button on this page. You will be redirected to pointwild's official application portal hosted on greenhouse where you can submit your application directly.
When was the Senior Security Researcher job at pointwild posted?
This Senior Security Researcher position at pointwild was posted on May 21, 2026. Apply as soon as possible — early applications are often reviewed first.
Senior Security Researcher
pointwild
Apply for this role ↗

You'll be redirected to pointwild's official application page on Greenhouse.