Principal Security Researcher

GitHub, Inc.

Remote

GBP 65,000 - 95,000

Full time

Today

Job summary

A leading software development company is seeking a Principal Security Researcher to join their Security Lab team. This remote role requires extensive experience in security research and cybersecurity, focusing on analyzing complex security threats and mitigating issues in open source software. The candidate will lead high-impact research, drive initiatives to safeguard platforms, and influence a diverse range of stakeholders. Ideal candidates will have a deep understanding of code security and a passion for community-centric solutions. Competitive package offered.

Benefits

Competitive pay
Generous learning and growth opportunities
Remote work flexibility

Qualifications

  • 12+ years experience in security research or related fields.
  • Proven track record of finding security vulnerabilities.
  • Experience in producing security vulnerability disclosures.

Responsibilities

  • Conduct high impact security research.
  • Analyze and synthesize information to address complex security problems.
  • Lead efforts to improve security in open source ecosystems.

Skills

Security research
Cybersecurity
Software development
Experience with GitHub

Education

Doctorate in relevant area
Master's Degree in relevant area
Bachelor's Degree in relevant area
Associate's Degree in relevant area

Tools

Security analysis tools

Job description

  • High impact security research - Identifies, conducts, and supports others in conducting research into critical security areas, current attacks, adversary tracking. Guides others to synthesize research findings into recommendations for mitigation of security issues. Guides team(s) by sharing expertise to identify potential security issues, tools, mitigations, and processes. Prototypes tools for large-scale security research.
  • Analysis of security threats in Open Source - Analyzes and synthesizes collected information to address complex security problems and threats, including emerging threats (e.g. LLM prompt injections). Derive priorities for research and mitigations. Applies expert knowledge and diagnostic expertise to lead postmortem and root cause analyses for complex and/or large‑scale issues in open source to specify tools and systems that support incident response, and mitigate and resolve issues across open source organizations.
  • Priorities - Identifies, prioritizes, and targets security issues that have the biggest impact on open source and/or on GitHub's users, or that require significant and complex mitigation.
  • Thought leadership - Writes blogs and gives conference talks. Leads, facilitates, and participates in industry and company‑wide forums, and influences them to address the most pressing open source security issues. Positions GitHub as a security expert.
  • Be the customer's voice - Solicits input from customers and partners, from open source or enterprises, to improve security.
  • Internal influence - Uses their technical expertise and their understanding of the customers' needs, from open source or enterprises, to inform and influence internal leadership forums, in order to drive meaningful security impacts in the open source ecosystem, the security of the GitHub platform, and the success of the GitHub Security Products.
  • 12+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant areas
    • OR Associate's Degree AND 11+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
    • OR Bachelor's Degree AND 10+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
    • OR Master's Degree AND 8+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
    • OR Doctorate AND 6+ years experience in cyber security, security analysis, security engineering, software development, or relevant area
    • OR equivalent experience.
  • Additional or Preferred Qualifications
  • 17+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant areas
    • OR Associate's Degree AND 16+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
    • OR Bachelor's Degree AND 15+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
    • OR Master's Degree AND 13+ years experience in security research, cyber security, security analysis, security engineering, software development, or relevant area
    • OR Doctorate AND 11+ years experience in cyber security, security analysis, security engineering, software development, or relevant area
    • OR equivalent experience.
  • Track record of security vulnerability disclosures (CVEs) credited to you.
  • Credited author on 1+ published article(s)/paper(s) OR Speaker/presenter at a Security‑related conference.
  • 5+ years experience in relevant field (e.g., bug bounty, security research).
  • 1+ year(s) experience in software development.
  • 1+ year(s) experience working with GitHub and/or open source software.
  • GitHub values
    • Customer‑obsessed
    • Ship to learn
    • Growth mindset
    • Own the outcome
    • Better together
    • Diverse and inclusive
  • Manager fundamentals
    • Model
    • Coach
    • Care
  • Leadership principles
    • Create clarity
    • Generate energy
    • Deliver success

About GitHub

GitHub is the world's leading platform for agentic software development - powered by Copilot to build, scale, and deliver secure software. Over 180 million developers, including more than 90% of the Fortune 100 companies, use GitHub to collaborate, and more than 77,000 organisations have adopted GitHub Copilot.

Locations

In this role you can work from Remote, United Kingdom

Overview

GitHub is seeking a Principal Security Researcher to join the GitHub Security Lab team and help shape the future of our Open Source Security organization. In this critical leadership position, you'll drive the security research agenda, inspire and coach other security researchers, and influence solutions from GitHub and partners that make a real impact on the open source software we all depend on.

We're looking for someone with deep expertise in code security and supply chain security. You have a proven track record of finding security vulnerabilities, of building security tools for developers, and you excel in highly collaborative, cross‑functional environments.

In the Security Lab, our mission is to empower open source maintainers and developers to ship secure code. As a Principal Security Researcher, you'll work alongside a globally distributed team to perform elite security research that uncovers and mitigates emerging patterns, empower maintainers and developers with actionable knowledge and pragmatic solutions, be a thought leader for both the security and the development community.

You'll lead by example - both through your own technical contributions and by mentoring others. You'll guide our strategy, influence architectural decisions for GitHub's products, and drive performance optimization in our team to increase our positive impact on the open source ecosystem.

Our culture is built on developer empathy, transparency, and inclusive collaboration. Here, curiosity and a drive for impact are at the heart of everything we do. Join us to help shape the future of software development and make a difference for millions of developers around the world.

GitHub is the world's leading AI‑powered developer platform with 150 million developers and counting. We're also home to the biggest open‑source community on earth (and 99% of the world's software has open‑source code in its DNA). Many of the apps and programs you use every day are built on GitHub. Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond!). At GitHub, our goal is to create the space you need to do your best work. We're remote‑first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are - because we know that people flourish when they can work on their own terms. Join us, and let's change the world, together.

Equal Employment Opportunity

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!