Security Research Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Obsidian Security · 1 week ago

Security Research Engineer

positionUnited States
timeFull-time
remoteRemote
seniorityEntry, Mid Level
money$153K/yr - $201K/yr
date2+ years exp

Obsidian Security is a company focused on securing SaaS applications, and they are seeking a Security Research Engineer to enhance their identity-focused security detections. The role involves researching attack techniques, analyzing threats, and developing detection capabilities to improve customer security.

ComputerCyber SecurityNetwork SecuritySaaS
check
H1B Sponsor Likelynote

Responsibilities

Research emerging attack techniques across IdPs, SaaS, and cloud environments
Analyze adversary behaviors such as credential abuse, session hijacking, privilege escalation, and persistence
Share your insights with the community through blogs, whitepapers, talks, and contributions that elevate industry understanding
Analyze large volumes of identity and SaaS telemetry to identify indicators and behavioral patterns
Form hypotheses and run experiments to improve detection accuracy
Translate research into rules, heuristics, anomalies, and behavioral models
Partner with engineering to improve detection pipeline capability and performance
Test detections against simulated attacks and real data
Work with product on detection priorities
Partner with engineering on pipelines and telemetry quality
Share findings with customer-facing teams and support investigations when needed

Qualification

Security researchDetection engineeringIdentity systemsData analysisCloud/SaaS attack surfacesPythonSQLThreat simulationRed/blue teamingCross-functional collaboration

Required

2–3 years in security research, detection engineering, threat intel, or similar
Experience building detections and analyzing large datasets
Strong understanding of identity systems (Okta, Azure AD/Entra, Google Workspace, etc.) and authentication flows
Familiarity with cloud/SaaS attack surfaces and attacker TTPs (MITRE ATT&CK, OAuth abuse, identity threats)
Ability to analyze logs and signals from IdPs, cloud, or SaaS apps
Experience creating or validating rule-, anomaly-, or behavior-based detections
Experience with scalable data pipelines (Spark or similar)
Familiar with Python and SQL

Preferred

Bonus: threat simulation, red/blue teaming

Benefits

Competitive compensation with equity and 401k
Comprehensive healthcare with dental and vision coverage
Flexible paid time off and paid holiday time off
12 weeks of new parent or family leave
Personal and professional development resources

Company

Obsidian Security

twittertwittertwitter
company-logo
Obsidian Security is a threat detection and posture management for business-critical saas applications.
dateFounded in 2017
location
Newport Beach, California, USA
people-size51-200 employees
web-link
https://www.obsidiansecurity.com

H1B Sponsorship

Obsidian Security has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (5)
2024 (5)
2023 (1)
2022 (4)
2021 (3)
2020 (2)

Funding

Current Stage
Growth Stage
Total Funding
$119.5M
Key Investors
Wing Venture CapitalGreylock
2022-04-14Series C· $90M
2019-02-27Series B· $20M
2017-06-08Series A· $9.5M

Leadership Team

leader-logo
Hasan Imam
CEO
linkedin
leader-logo
Ben Johnson
Co-Founder
linkedin

Recent News

Greylock
Our Investment in Obsidian Security
2025-12-29
Greylock
Greylock Portfolio - Obsidian Security
2025-12-29
linkedin.com
Glenn Chisholm’s Post
2025-12-04
Company data provided by crunchbase