At Alma Security we are at the cutting edge of eBPF-based application runtime protection, pioneering real-time security solutions for cloud-native environments. Our platform leverages network-level application observability to detect and neutralize sophisticated threats before they cause damage. We are looking for passionate and talented individuals to help us push the boundaries of what’s possible in runtime security.

We're looking for an Application Security Researcher, you will dive deep into application traffic to uncover vulnerabilities, develop detection methods for known exploits and zero-days, and reverse engineer suspicious patterns in real-time communication. You will work directly with complex datasets, including HTTP, Kafka, Postgres, Redis traffic, and apply your expertise in application security to identify emerging threats that others miss. Your discoveries will shape the evolution of our security platform, making it smarter and more adaptive to ever-evolving threats.

Key Responsibilities:

• Analyze real-time application traffic data to detect security vulnerabilities and threats.
• Develop and refine scripts to assist in flagging suspicious traffic and identifying patterns or behaviors indicative of security risks.
• Create detailed reports on findings and collaborate with the engineering team to implement and refine detection algorithms.
• Proactively stay updated on security trends, attack vectors, and vulnerabilities relevant to our industry and data sets.

Required Skills & Qualifications:

• Strong Application Security Background: 3+ years of experience in application security, e.g. as a penetration tester, or as a security researcher, ideally within a startup environment, where you’ve identified and mitigated application vulnerabilities and security risks.
• Strong Data Analysis Skills: Ability to work with large data sets and find security issues, trends, and anomalies.
• Proficiency in Python: Capable of writing Python scripts to automate analysis and identify suspicious patterns.
• Understanding of Networking Protocols: Familiar with analyzing network traffic, HTTP protocols, and data interactions with Postgres, Kafka, Redis, etc.