Lead Software Security Researcher at Finite State

Finite State is seeking a Lead Security Researcher to join their Software Testing Pipeline team. This role involves developing, maintaining, and expanding Finite State's security analysis capabilities. The Lead Security Researcher will collaborate with engineering teams and lead projects to enhance the reach and accuracy of software analysis tools, creating unique solutions to previously unsolved problems. The company is committed to a remote-first culture.

The role involves:

• Leading projects to develop proofs of concept and implement new static analysis methods.
• Leading efforts to identify and prioritize security risks (CVEs, CWEs, etc.).
• Developing techniques for software composition analysis focused on binary analysis.
• Contributing to various parts of the analysis pipeline.
• Being responsible for pragmatic technical decision-making.
• Upholding core values of transparency, results, accountability, customer dedication, and courage.
• Championing the mission to protect our connected world.

Requirements:

• Proven experience in security research or software analysis.
• Experience implementing and utilizing static-analysis and dynamic-analysis tools.
• Experience with disassemblers and reverse-engineering tools (e.g., Ghidra, IDA Pro, binwalk).
• Understanding of common vulnerability and software weakness classes.
• Programming skills in Python and affinity for automated testing.
• Experience working on small, fast-paced teams.
• Strong communication and collaboration skills.

Finite State offers:

• Competitive salary with stock option grant
• Fully covered medical, dental, vision
• Unlimited PTO & outstanding parental leave
• WFH stipend
• Short and long-term disability coverage
• Life insurance