Must-Have Skills

• 5+ years of experience as a Cybersecurity Researcher (supply-chain attacks, malware analysis)
• Familiarity with open-source registry ecosystems (npm, PyPI, Maven) and their respective attack surfaces
• Proven ability to ship software in a production environment
• Strong understanding of the SDLC and modern CI/CD pipelines
• Comfortable leveraging AI tools to optimize research and development processes
• Proactive and independent mindset, with the ability to take full ownership of projects

Nice to Have

• Active contributions to open-source security tools or research projects
• Hands-on experience with decompilers, debuggers, and network traffic analysis
• Advanced malware analysis experience (obfuscation, encryption, anti-analysis, and sandbox-evasion techniques)
• Web application penetration testing experience
• Published CVEs, coordinated disclosures, writeups, blogs, or research papers
• Experience public speaking at major industry conferences (e.g., Black Hat, DEFCON, RSAC)
• A genuine passion for cybersecurity, open-source communities, and solving complex ecosystem threats