VibeSecCon Returns: The Security Summit Running From Prompt to Runtime. June 16th, 2026
Register Now
← All Jobs

Security Research

EMEA · Full-time

About The Position

Ox Security secures the AI-driven SDLC from prompt to production. We eliminate critical, real-time risks from AI code generation through cloud runtime by doing what conventional tools can’t: unifying development and cloud context to stop vulnerabilities right at the source. At OX, we’re building the future of cyber security for the AI era. If you’re looking to work on disruptive technology with an amazing team, you belong here.

We're looking for a highly skilled and driven Security Researcher to join our research group to analyze supply chain attacks, dissect malware, and build open-source tools. This is a high-impact role where you'll work with cross-functional teams to help scan and protect users and organizations around the world from the hottest cyber threats, playing a key part in shaping the future of OX.

Responsibilities

What You'll Be Doing

  • Build innovative open-source tools to detect and analyze software supply chain attacks, including compromised packages, malicious packages, and package vulnerability exploitation.
  • Research supply chain attacks and investigate APT groups' tactics, techniques, and procedures (TTPs).
  • Reverse engineer, dissect, and decompile malware and vulnerabilities, translating findings into comprehensive whitepapers.
  • Drive research and development cycles end-to-end independently, ensuring high-quality execution from concept to delivery.
  • Collaborate with internal teams and stakeholders to continuously improve our security posture and methodologies

Requirements

What We're Looking For

  • 5+ years of experience as a Cybersecurity Researcher.
  • Proven ability to ship software in a production environment.
  • Strong understanding of the SDLC and modern CI/CD pipelines.
  • Comfortable leveraging AI tools to optimize research and development processes.
  • Familiarity with open-source registry ecosystems ( npm, PyPI, Maven) and their respective attack surfaces.
  • Proactive and independent mindset, with the ability to take full ownership of projects.


Bonus Points For

  • Active contributions to open-source security tools or research projects.
  • Hands-on experience with decompilers, debuggers, and network traffic analysis.
  • Advanced malware analysis experience (including obfuscation, encryption, anti-analysis, and sandbox-evasion techniques).
  • Web application penetration testing experience.
  • Published CVEs, coordinated disclosures, writeups, blogs, or research papers.
  • Experience public speaking at major industry conferences (e.g., Black Hat, DEFCON, RSAC).
  • A genuine passion for cybersecurity, open-source communities, and solving complex ecosystem threats

Apply for this position