Security Researcher
Semperis
Semperis focuses on creating an employee experience that is aligned with our vision—being a Force for Good— starting with being a good workplace. Semperis is recognized as one of America’s Fastest-Growing Cybersecurity Companies on the Inc. 5000 List, a DUNS 100 top Start Up to work for and Inc. Best Workplace for multiple years. With teams around the world, you’ll be working alongside top global talent in Cybersecurity and Identity Access Management.
If you are a purpose-driven person who always sees the glass as half full, seizes opportunities, and has an urge to learn and develop your skills—we’d love to meet you.
About the job
We are looking for passionate individuals to join our innovative Security Research team. We're seeking a Security Researcher to help expand our product capabilities by developing custom collectors for various identity and access management platforms.
Overview
We are looking for a detail-oriented and curious Security Researcher with a strong background in penetration testing to join our Security Research team. This role will focus on researching, analyzing, and integrating diverse identity platforms into our attack path discovery and other solutions. The ideal candidate will have a passion for uncovering security flaws, and the ability to translate findings into actionable intelligence for our products, enabling them to gather and analyze data from diverse identity platforms, as well as strong interest in cybersecurity, identity management, and a desire to learn about different technology platforms.
Responsibilities
Develop and maintain advanced techniques and tools for identifying and aligning Identity Security configurations in Active Directory and Entra ID environments with different security benchmarks and controls.
Conduct in-depth research on various software platforms to understand their architecture, authentication mechanisms, and potential identity-centric attack paths.
Analyze the structure and data models of different software platforms to determine the best integration approach with our identity security solutions.
Conduct extensive research and analysis of Active Directory and Entra ID security risks, vulnerabilities, and attacks.
Develop and maintain advanced techniques and tools for identifying and mitigating security threats in Active Directory and Entra ID environments.
Write clean, efficient, and well-documented code in C# and PowerShell,
Collaborate with team members to design and implement custom data collectors and integrators to leverage findings from researched platforms.
Stay updated on new identity platforms and contribute to the documentation of integration processes and best practices.
Qualifications
At least 3 years of experience in Security Research, with a focus on Active Directory or Entra ID techniques.
Proficiency in PowerShell and C# programming language.
Strong understanding in networking with advanced knowledge on - NTLM, Kerberos, SMB, Oauth, SMB, RPC .
Strong analytical and problem-solving skills.
Excellent attention to detail and ability to work independently
Familiarity with industry-accepted security benchmarks and controls (e.g. CIS, NIST)
Preferred Skills
* Advantage : Entra ID
Experience with hybrid identity and cloud environments.
Good understanding of cybersecurity principles and attack paths.
Experience with version control systems.
Knowledge of LDAP, SAML, and / or OAuth protocols.
Knowledge of graph databases and graph theory is a plus.
#LI-TI1
#LI-Hybrid