GitHub · 2 hours ago
Principal Security Researcher
GitHub is the world’s leading platform for agentic software development, and they are seeking a Principal Security Researcher to join their Security Lab team. This role involves driving the security research agenda, mentoring other researchers, and influencing solutions that enhance the security of open source software.
Artificial Intelligence (AI), Cloud Computing, Developer Tools, Internet, Project Management, SaaS, Software
Responsibilities
High impact security research - Identifies, conducts, and supports others in conducting research into critical security areas, current attacks, and adversary tracking. Guides others to synthesize research findings into recommendations for mitigation of security issues. Guides team(s) by sharing expertise to identify potential security issues, tools, mitigations, and processes. Prototypes tools for large-scale security research.
Analysis of security threats in Open Source - Analyzes and synthesizes collected information to address complex security problems and threats, including emerging threats (e.g. LLM prompt injections). Derives priorities for research and mitigations. Applies expert knowledge and diagnostic expertise to lead postmortem and root cause analyses for complex and/or large-scale issues in open source to specify tools and systems that support incident response, and mitigate and resolve issues across open source organizations.
Priorities - Identifies, prioritizes, and targets security issues that have the biggest impact on open source and/or on GitHub’s users, or that require significant and complex mitigation
Thought leadership - Writes blogs and conference talks. Leads, facilitates, and participates in industry and company-wide forums, and influences them to address the most pressing open source security issues. Positions GitHub as a security expert.
Be the customer’s voice - Solicits input from customers and partners, from open source or enterprises, to improve security
Internal influence - Uses their technical expertise and their understanding of the customers’ needs, from open source or enterprises, to inform and influence internal leadership forums, in order to drive meaningful security impacts in the open source ecosystem, the security of the GitHub platform, and the success of the GitHub Security Products
Qualification
Required
12+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant areas
OR Associate's Degree AND 11+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
OR Bachelor's Degree AND 10+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
OR Master's Degree AND 8+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
OR Doctorate AND 6+ years experience in cyber security, security analysis, security engineering, software development, or relevant area
OR equivalent experience
Preferred
17+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant areas
OR Associate's Degree AND 16+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
OR Bachelor's Degree AND 15+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
OR Master's Degree AND 13+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
OR Doctorate AND 11+ years experience in cyber security, security analysis, security engineering, software development, or relevant area
OR equivalent experience
Track record of security vulnerability disclosures (CVEs) credited to you
Credited author on 1+ published article(s)/paper(s) OR Speaker/presenter at a Security-related conference
5+ years experience in relevant field (e.g., bug bounty, security research)
1+ year(s) experience in software development
1+ year(s) experience working with GitHub and/or open source software
Benefits
Annual bonus
Stock
Learning and growth opportunities
Company
GitHub
GitHub is a software company that offers code hosting services that allow developers to build software for open-source and private projects. It is a sub-organization of Microsoft.
H1B Sponsorship
GitHub has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (26)
2024 (17)
2023 (14)
2022 (20)
2021 (20)
2020 (10)
Funding
Current Stage: Late Stage
Total Funding: $350M
Key Investors: Sequoia Capital, Andreessen Horowitz
2018-06-03: Acquired
2015-07-29: Series B · $250M
2015-06-19: Secondary Market
Company data provided by Crunchbase