Security Researcher Jobs in California

Title: Product Security Research Engineer
Duration: Long term
Location: San Jose, CA (Remote) (ONLY W2)

Job Description:

About the Role

As a Senior Member of Technical Staff, you will focus on the proactive discovery and technical validation of complex attack paths within the Nutanix product ecosystem. This is a deeply technical, engineering-centric role designed for a practitioner who excels at deconstructing the logic of an exploit. Working closely with our Security Architects, you will move beyond identifying individual flaws to demonstrate how vulnerabilities can be linked to create significant exposure. Your mission is to provide the offensive insight needed to build stronger, preventative defense and to leverage AI-driven engineering to stay ahead of sophisticated threats.

About the Team

The Client PSIRT is a growing center of excellence dedicated to the security of our products and the trust of our customers. We focus on “doing the right thing” by our users, investing in proactive defense and technical excellence. Our team values collaborative engineering and the pursuit of operational integrity. As we scale to meet new challenges, we are looking for engineers who are passionate about understanding how systems fail and building the technical intelligence required to protect them.

Responsibilities

- Attack Path Discovery: Partner with Security Architects to identify and technically validate potential exploit sequences. You will engineer proofs-of-concept to demonstrate how individual vulnerabilities can be linked to create significant product exposure.
- Impact Analysis: Perform deep-dive technical research to determine the exact “blast radius” of a vulnerability. You will be responsible for identifying exactly which products and versions are impacted and what specific data or services are at risk.
- Proactive Defense: Translate offensive research into preventative measures, providing Engineering teams with the technical evidence and architectural guidance needed to implement robust, long-term mitigations.
- AI-Enhanced Security Engineering: Explore and implement AI-driven automation to enhance our discovery and analysis capabilities. You will use emerging technologies to scale the identification of complex vulnerability patterns across the Nutanix stack.
- Technical Advocacy: Serve as a senior technical subject matter expert during high-stakes triage, helping stakeholders understand the practical reality of threat through evidence-based technical analysis and exploit modeling.

Qualifications

What you’ll bring to the team:

- Technical Research Background: 6-9 years of experience in Product Security Engineering, Vulnerability Research, or Offensive Security, with a focus on deconstructing complex software systems.
- Architectural Mindset: A talent for “Attack Path Thinking”, you can look at a complex architecture and identify how a minor logic flaw could lead to a major compromise.
- Technical Depth: A strong understanding of software vulnerabilities (logic flaws, memory corruption, auth bypasses) and how they manifest in cloud-native and hybrid-cloud environments.
- AI/ML Curiosity: Experience or a strong interest in using AI-driven tools to scale security engineering and automate the discovery of sophisticated vulnerability patterns.
- Collaborative Inquiry: An ability to work as peer with Architects and Developers, using technical data and research to build consensus on remediation paths.

Bonus points if you have:

- Experience with reverse engineering or high-level exploit development in a research-focused environment.
- Familiarity with “Graph-based” security analysis (mapping relationships between assets, permissions, and vulnerabilities).
- Contributions to the security community, such as tool development, technical whitepapers, or responsibility disclosed CVEs.
- Experience in a distributed engineering environment where technical evidence is the primary driver of security prioritization.