Truffle Security Co.Remote
Security Research Engineer
United States
Full-time
6 days ago
$140,000 - $190,000 USD
No H1B
Key skills
Software Engineering ExperienceData Pipeline ExpertiseAWS KnowledgeProduction AI ToolingApplication Security KnowledgeOwnership & CollaborationRapid PrototypingAI-First MindsetSecrets ExperienceOpen Source ContributorReliabilityPresentation SkillsAIMLLLMAnalyticsAWSTrufflePrototypingCollaboration
About this role
Truffle Security is dedicated to enhancing cybersecurity through community-driven efforts and open-source tools. As a Security Research Engineer, you will bridge the gap between security research and engineering, focusing on building and maintaining data pipelines and developing innovative AI-based security tools.
Responsibilities:
- Take full ownership of the research data pipeline, ensuring that data is ingested, processed, and utilized efficiently to fuel our detection engines and research projects
- Design and implement agentic workflows that leverage LLMs and other ML concepts for complex reasoning, multi-step tool-use, and autonomous security research tasks
- Act as the engineering backbone for our security research efforts, translating complex research concepts into scalable, functional tools
- Support the Principal Research Engineer in delivering high-priority projects, providing the engineering muscle needed to accelerate our research roadmap
Requirements:
- 3–5 Years of Software Engineering Experience: A strong foundation in general software engineering, with a track record of building reliable, maintainable systems
- Data Pipeline Expertise: Proven experience running and optimizing data pipelines, ideally within the context of detection engineering or security analytics
- Intermediate AWS Knowledge: Intermediate experience deploying and maintaining research-focused resources on AWS
- Experience Building Production AI Tooling: Direct experience moving LLM-based projects from the PoC stage into a stable production environment
- Security Literacy: Intermediate knowledge of application security and offensive security principles (understanding how attackers operate)
- Ownership & Ego-less Collaboration: You are comfortable owning entire projects from end-to-end but approach collaboration with a 'no-ego' mindset
- Reliability: You are known for being thorough and ensuring that your work is dependable and robust
- Rapid Prototyping: An ability to build and iterate quickly, balancing speed with the thoroughness required for security-sensitive work
- AI-First Mindset: A deep interest in AI/ML with a commitment to high-quality output
- Presentation Skills: Experience or interest in presenting research findings or technical work to the broader security community
- Secrets Experience: Prior experience working with secrets management, secret scanning, or related security disciplines
- Open Source Contributor: A history of contributing to or maintaining open-source security tools