Security Researcher

Description

Silverfort is a cyber-security startup that develops a revolutionary identity protection platform. Using patented technology, our product enables strong authentication across entire corporate networks and cloud environments without any modifications to endpoints and servers. In addition, we use advanced behavior analytics to apply adaptive authentication policies and prevent cyber-attacks in real-time.  

Our mission is to provide industry-leading unified identity protection solutions for hybrid and multi-cloud environments. We develop cutting-edge cybersecurity technology that solves urgent customer needs today and is also a game changer for years to come. 

Silverfort has happy customers worldwide, strong market validation (including several industry awards), strategic partnerships with the largest security vendors in the world, and significant funding from leading VCs.  

As a Security Researcher, you'll play a crucial role in building and improving Silverfort’s identity security platform. This role has a direct impact on the product, and the researcher is expected to be able to innovate, conduct thorough research, and come up with new capabilities and modules.

Responsibilities

• Conduct deep-dive research on authentication APIs and protocols (SAML, OIDC, OAuth), mapping their behaviors, identifying security value, and specifying new platform integrations
• Lead and execute innovative security research projects focused on identity systems (Active Directory, cloud IAM), translating high-level requirements into concrete technical modules and capabilities
• Ideate and prototype advanced features and technologies, experimenting with emerging standards, API patterns, and cloud-native approaches to drive Silverfort’s roadmap for next-gen identity protection
• Collaborate closely with the Product team to align strategic directives with technical reality and drive innovation
• Partner with R&D to design the architecture of new modules and capabilities within the platform
• Produce comprehensive technical blogs and documentation to share insights with both internal teams and the broader cybersecurity community

Requirements

• 5+ years of experience in security research, security engineering, or incident response, with focus on identity, Active Directory, and/or cloud environments
• At least 2 years of experience with cloud platforms (AWS, Azure, GCP) and in IAM
• Knowledge of SaaS authentication protocols (SAML, OIDC, OAuth)
• Experience with Active Directory, on-premises infrastructure, and related protocols (Kerberos, NTLM, SMB, LDAP)
• Programming skills (Python preferred), including ability to develop research tools and understand production code
• Familiarity with data analysis tools and processes (SQL, Python) and platforms such as Snowflake, Splunk, or Wireshark
• Experience defending identities and securing cloud infrastructure
• Ability to work cross-functionally with Product and R&D teams
• Strong communication skills in both written and spoken English

Advantages:

• Familiarity with AI systems, AI security, and model behavior
• Experience with web/app security, red teaming, or adversary simulation
• Prior experience in customer-facing roles (e.g., consulting, solution engineering)