Security Researcher Jobs in Detroit, MI
Security Researcher jobs in Detroit are in active demand, concentrated in Midtown, Downtown, and the New Center area across automotive cybersecurity, financial services, and defense contracting. Employers hiring right now include Allied Universal, Aurora Innovation, and Kastle Systems. Find a role that fits below and apply directly.
Find Security Researcher JobsOverview
Showing 5 of 37+ Security Researcher jobs











Job Description
We are seeking a Security Software Engineer to build and harden software systems supporting DoD programs operating under CMMC/NIST 800-171/FedRAMP compliance requirements. You will embed security across the SDLC—from design and code review through CI/CD and cloud deployment—working alongside engineering, DevSecOps, and IT teams in a regulated, cloud-native environment (AWS Commercial and GovCloud, Azure GCC High).
Responsibilities
Core Engineering & Secure Development:
- Design and develop secure software with a security-first mindset baked into every phase of the SDLC.
- Apply secure coding standards, threat modeling, and vulnerability mitigation aligned to NIST 800-53 and CMMC Level 2/3 controls.
- Conduct architecture reviews and code hardening to address OWASP Top 10 and DoD STIGs.
- Automate security gates in CI/CD pipelines (SAST, DAST, dependency scanning, secrets detection).
Security Architecture & Controls:
- Design secure system and API architectures for multi-tenant cloud environments, including GCC High and FedRAMP-authorized platforms.
- Implement IAM controls, JIT provisioning, SSO/SAML/OIDC flows, and least-privilege authorization frameworks (e.g., Cognito, Azure AD).
- Instrument applications with security logging and monitoring that satisfies audit and continuous monitoring requirements (AU/SI control families).
Vulnerability Management & Response:
- Lead code reviews, SAST/DAST scans, and targeted penetration testing; document findings against control frameworks.
- Triage and remediate vulnerabilities within POA&M timelines; maintain artifact evidence for compliance assessments.
- Support incident response for application-layer events; contribute to after-action reports and corrective action plans.
Cross-functional Collaboration:
- Serve as the embedded security champion for engineering squads, raising the security bar through mentorship and code review culture.
- Develop and deliver security training and runbooks tailored to engineering and DevOps team members.
- Collaborate with DevOps/SRE to enforce secure IaC, WAF rules, network controls, and runtime monitoring across AWS and Azure environments.
Required Qualifications
- Bachelor’s degree in Computer Science, Engineering, or related field—or equivalent experience.
- 3+ years of software engineering experience with a strong focus on security.
- Proficiency in one or more programming languages (e.g., JavaScript/TypeScript, Python, Go, C#).
- Experience with secure coding practices and frameworks.
- Strong understanding of application security principles, including:
- OWASP Top 10
- Secure API/REST design
- Cryptography fundamentals
- Authentication/authorization patterns
- Experience with code scanning tools (SAST/DAST), threat modeling, and penetration testing.
- Familiarity with NIST 800-171, CMMC, or FedRAMP security control requirements and evidence collection.
- Hands-on experience with AWS and/or Azure security services (IAM, WAF, Security Hub, Defender, Sentinel); GCC High or GovCloud experience a plus.
Preferred Qualifications
- Experience with container security (Docker, ECS).
- Working knowledge of Zero Trust Architecture principles.
- Experience building DevSecOps pipelines in regulated environments; familiarity with tools like Prisma, Checkov, Snyk, or Aqua.
- Relevant certifications (any of the following):
- CISSP, CSSLP, or CASP+
- OSCP
- CEH
- GIAC (GWAPT, GSEC, GWEB) or CCP/CCA (UK Cyber Essentials equivalent)
- Experience securing microservices or event-driven architectures on ECS; background in federal or cleared environments preferred.
See All 37 Security Researcher Jobs in Detroit
Find roles in Detroit that match your experience and apply in just a few clicks.
Find Security Researcher JobsSecurity Researcher Job Market in Detroit
Who's Hiring



Top Industries Hiring
- Technology & Software
- Science & Research
- Construction & Real Estate
- Electronics & Hardware
- Healthcare & Medical Services
Security Researcher Jobs in Detroit: Frequently Asked Questions
How do I get a security researcher job in Detroit?
Detroit's security researcher market centers on automotive cybersecurity, defense contractors near the Detroit Arsenal corridor, and regional financial institutions headquartered Downtown and in the Fisher Building area. Candidates who combine hands-on vulnerability research or penetration testing experience with familiarity in industrial control systems or automotive protocols stand out here. Certifications like OSCP or CEH help, but a strong portfolio of documented findings moves applications to the top in this market.
Which companies hire security researchers in Detroit?
Detroit security researcher roles are posted by Allied Universal, Aurora Innovation, and Kastle Systems and others right now, based on current listings on Migrate Mate as of July 2026. Detroit's hiring base skews toward automotive OEMs and their Tier 1 suppliers, defense-adjacent contractors, regional banks, and health systems concentrated in Midtown and the greater metro area.
Are there remote security researcher jobs in Detroit?
Yes, though availability depends heavily on the role type: analytical and threat intelligence positions tend to be remote-friendly, while roles involving physical lab testing, automotive hardware, or classified environments are almost always on-site. About 47% of security researcher openings tied to Detroit are remote or hybrid as of July 2026, with fully remote options most common in software vulnerability research tied to Detroit-based technology and financial services employers.
How can I get a security researcher job in Detroit with little or no experience?
The most realistic entry path in Detroit is landing a junior analyst or security operations role at one of the region's automotive suppliers or regional financial institutions, then building toward dedicated research work. Detroit's automotive sector actively develops internal talent through rotational programs, making Tier 1 suppliers a practical target for entry-level candidates. A home lab portfolio, participation in CTF competitions, and a focused specialization in vehicle network security or financial fraud analysis will differentiate you in Detroit's market.
Which industries hire the most security researchers in Detroit?
Most security researcher openings in Detroit sit in Technology & Software, Science & Research, and Construction & Real Estate, per current listings on Migrate Mate as of July 2026. Detroit's position as the center of the U.S. automotive industry drives outsized demand for researchers with connected-vehicle and embedded-systems expertise, while the concentration of regional banks and health systems in the metro adds consistent demand across financial and healthcare cybersecurity.
Related Jobs in Michigan
See All 37 Security Researcher Jobs in Detroit
Find roles in Detroit that match your experience and apply in just a few clicks.
Find Security Researcher Jobs