Senior / Principal Cybersecurity Research Engineer

Description

Location: Remote position. Occasional travel to our office in Golden, Colorado is required.

About Pentera

Pentera is the leading company in Automated Security Validation, empowering organizations globally to emulate real-world attacker behavior and reveal their actual security gaps across various environments including on-prem, cloud, and hybrid setups. With over 1,200 clients in more than 50 countries, we are dedicated to transforming how modern enterprises continuously verify their security posture.

About the Role

We are on the lookout for a Cybersecurity Research Engineer to join our R&D team and play a crucial part in the evolution of automated security validation. In this vital role, you will engage in deep, hands-on technical research focusing on attacker methodologies and system behaviors across operating systems, identity systems, cloud platforms, and enterprise ecosystems. Your findings will be transformed into production-grade, automated attack emulations that adapt dynamically, closely mirroring the tactics of skilled attackers.

This is a highly technical position that combines research, development, and applied AI, with a direct influence on a real-world security product.

Responsibilities

• Conduct in-depth investigations into attacker techniques across Windows, Linux, identity systems, cloud environments, and external attack surfaces.
• Design and develop advanced attack simulation techniques that challenge modern security controls and defensive architectures.
• Translate research findings into scalable, production-ready capabilities within Pentera's automated validation platform.
• Architect and implement decision-making logic for dynamic attack paths and adaptive behavior during automated operations.
• Create high-quality code to support complex attack simulations using appropriate languages and technologies.
• Work closely with R&D, engineering, and product teams to seamlessly integrate new research into the platform.
• Mentor team members while fostering a culture of technical excellence, curiosity, and continuous learning.

Requirements

• 5+ years of hands-on experience in security research, penetration testing, or adversarial security engineering.
• Strong knowledge of Windows internals, operating systems, networking, and enterprise environments.
• 3+ years of experience developing in Python.
• Proven ability to write efficient, stealth-aware, production-quality security-related code.
• Experience with security research tools and frameworks such as Metasploit, Impacket, Nmap, Burp, or similar.
• Proficiency in reverse engineering and debugging using tools such as IDA, Ghidra, WinDBG, or Radare2.
• Experience working with cloud platforms like AWS and Azure.
• Ability to apply AI or machine learning concepts to decision-making, automation, or behavior modeling within complex systems.
• Strong collaboration skills, adaptability, and a willingness to learn quickly.

Preferred Qualifications

• Experience modeling attacker decision-making, attack paths, or adversarial behaviors.
• Familiarity with graph-based analysis, pathfinding, or automated reasoning systems.
• Hands-on experience with security product development and large-scale platforms.
• Exposure to AI-driven automation, agent-based systems, or adaptive workflows.
• Bachelor's degree in Computer Science or a related technical field.

Compensation:

The base salary range for this role is $180,000-$220,000, based on experience, skills, and location. This range reflects the base compensation only. Pentera also provides a comprehensive total rewards package including performance-based bonuses, equity opportunities, health and wellness benefits, retirement plans, and other perks that support long-term growth and well-being.

We are an equal opportunity employer committed to building a diverse and talented workforce. We do not discriminate on the basis of race, sex, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, medical condition, disability, or any other class or characteristic protected by applicable law. We welcome candidates from all backgrounds to apply!