Key Facts

Remote From:

Armenia , Belarus , Ukraine , Poland

Category: Security Analyst

Full time

Senior (5-10 years)

English

Hard Skills

Malware Analysis Software Development CI/CD Computational Tools GNU Debuggers Network Traffic Analysis Property Ownership

Other Skills

•
Public Speaking
•
Proactivity

Roles & Responsibilities

5+ years of experience as a Cybersecurity Researcher
Familiarity with open-source registry ecosystems
Proven ability to ship software in a production environment
Strong understanding of the SDLC and modern CI/CD pipelines

Requirements:

Analyze supply chain attacks and dissect malware
Build open-source tools
Work with cross-functional teams to scan and protect users and organizations
Shape the future of cybersecurity regarding modern threats

Commit

About Commit

Commit is a global tech services company with offices in New York, Israel, and Europe. The company was founded in 2005 and has over 700 multi-disciplinary innovation experts who serve a broad range of companies, from small startups to large enterprises in multiple business sectors. Commit specializes in advanced technologies and applications with dedicated practices in Software, IoT, Big Data, Cloud, Cyber, Collaboration, Data center migration projects, and more. Commit offers innovative, end-to-end technology solutions by developing custom software and IoT platforms for clients looking to build their next-gen products within the modern ICT world. Commit’s complete and comprehensive engineering powerhouse of resources, and proprietary Flexible R&D methodology helps transform its clients’ technology visions into high-quality products while reducing costs and improving time-to-market.

Company type: SME

Founded: 2018

Company size: 501 - 1000

Website LinkedIn See all jobs →

Job description

Description

Company is the pioneer of Active ASPM, purpose-built to secure the modern software supply chain in the age of AI. While traditional tools overwhelm teams with endless alerts, cuts through the noise to identify the critical 5% of risks — those that are truly reachable and exploitable. From GenAI-generated code to cloud runtime, company gives developers and security teams the visibility and automation needed to ship secure software, faster.

We're looking for a highly skilled, driven Security Researcher to join our research group to analyze supply chain attacks, dissect malware, and build open-source tools. This is a high-impact role: you'll work with cross-functional teams to scan and protect users and organizations worldwide from the hottest cyber threats, playing a key part in shaping the future.

Requirements

Must-Have Skills:

5+ years of experience as a Cybersecurity Researcher (supply-chain attacks, malware analysis)
Familiarity with open-source registry ecosystems (npm, PyPI, Maven) and their respective attack surfaces
Proven ability to ship software in a production environment
Strong understanding of the SDLC and modern CI/CD pipelines
Comfortable leveraging AI tools to optimize research and development processes
Proactive and independent mindset, with the ability to take full ownership of projects

Nice to Have:

Active contributions to open-source security tools or research projects
Hands-on experience with decompilers, debuggers, and network traffic analysis
Advanced malware analysis experience (obfuscation, encryption, anti-analysis, and sandbox-evasion techniques)
Web application penetration testing experience
Published CVEs, coordinated disclosures, writeups, blogs, or research papers
Experience public speaking at major industry conferences (e.g., Black Hat, DEFCON, RSAC)
A genuine passion for cybersecurity, open-source communities, and solving complex ecosystem threats