Key skills
AWSAzureCloudGoogle Cloud PlatformPythonRustGoAILLMGCPGoogle CloudOAuthJWTCommunication
About this role
Role Overview
- Investigate novel and existing tactics to find and abuse exposed credentials, then publish your findings as authoritative research.
- Analyze ongoing threats and attacks, exploring new exploitation techniques, and documenting emerging tactics.
- Collaborate with our engineering teams to identify ways to improve our products in terms of secret validation and coverage.
- Track offensive trends and techniques, and work closely with our marketing team to produce 2–3 technical deep-dive articles or talks per quarter.
Requirements
- 5+ years of experience working in a security engineer role, with 2+ years dedicated to research-related work, or equivalent.
- Strong offensive security background (pentesting, vulnerability research, or red team experience) with the ability to think like an attacker and translate that into defensive insights.
- Experience with reverse engineering (binary analysis, malware inspection, malicious packages) and API/web security (OAuth, JWT, token validation, secret exposure patterns).
- Comfortable working with modern infrastructure, such as cloud platforms (AWS, GCP, or Azure) or AI/LLM ecosystems, and able to assess their specific security implications.
- Proficient in at least one system or scripting language (Python, Go, or Rust), fluent with a terminal, and able to independently retrieve, transform, and analyze datasets to support research conclusions.
- Public research track record: CVEs, conference presentations, open-source tooling, or technical publications.
- Fluent in English (written and spoken), with strong communication skills: you can explain complex vulnerabilities clearly to both technical and non-technical audiences and present at international conferences.
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
- Python
- Rust
- Go
Benefits
- Package that includes BSPCE
- Lunch voucher (Swile, 12€ at 50%)
- Sponsored Wellpass (gymlib)
- Non-charged health insurance for children (Sidecare / Generali)
- Up to €300 to improve your home office set-up
- Yearly holiday allowance
- Referral bonus of 4000€ for any new Guardian we might hire thanks to you
- Team building: monthly budget dedicated to each employee that you can spend as you wish, with colleagues (latest examples to date: Michelin star restaurant, karaoke, stand-up show, kitesurfing week-end, ...)
- Remote policy: hybrid (3 days/week at the office in Paris)
- Opportunities for career development in the long term