Principal Security Researcher, Google (Remote - US)

This position is posted by Jobgether on behalf of Huntress. We are currently looking for a Principal Security Researcher, Google in the United States.

This role offers an exciting opportunity to join a highly skilled security team focused on protecting millions of endpoints worldwide by developing innovative defenses against evolving cyber threats. As a Principal Security Researcher, you will investigate attacker behaviors within Google environments, build weaponized proofs-of-concept, and help shape the security capabilities that safeguard thousands of businesses. The position requires deep technical expertise, creativity, and a collaborative spirit, all within a fully remote and mission-driven setting.

Accountabilities:

• Lead the development of layered defense strategies combining diverse data sources to enhance security products.
• Investigate identity compromises like account takeover and credential theft to inform threat detection and identity protection features.
• Hunt threat actors in Google environments, analyzing attacker methods for initial access and persistence.
• Test attack paths and develop exploit proofs-of-concept to improve product defenses.
• Identify and validate telemetry signals confirming malicious activity with high confidence.
• Reverse engineer technology to find security weaknesses and undocumented features.
• Document research findings through technical reports, advisories, and blogs.
• Collaborate closely with product, engineering, and security teams to prioritize impactful features and product launches.
• Promote security awareness through media, public speaking, and educational initiatives.

• Expert knowledge of Google logs, APIs, and the ability to access and test Google data beyond native tools.
• Proven experience bypassing Google security controls, including MFA, and executing account takeovers.
• Skilled at building reliable weaponized exploit proofs-of-concept for identified vulnerabilities.
• Strong understanding of Google vulnerabilities and threats with hands-on testing in custom labs.
• Ability to shift between red team, system admin, and defender roles with a builder mindset.
• Experience working in multi-tenant environments such as MSPs and Google Workspace business plans.
• Knowledge of IT automation tools like PSAs and RMMs is preferred.
• Experience with Elastic, Kibana, and security conference presentations or community education is a plus.
• Excellent organizational and communication skills with a passion for translating complex security concepts into accessible insights.

• Fully remote work environment since inception.
• Competitive salary range of $210,000 to $240,000 base, plus bonus and equity.
• Generous paid time off including vacation, sick leave, and paid holidays.
• 12 weeks paid parental leave.
• Comprehensive medical, dental, and vision insurance plans.
• 401(k) plan with 5% employer contribution regardless of employee input.
• Life and disability insurance coverage.
• Stock options for all full-time employees.
• $500 one-time reimbursement for home office setup or upgrades.
• Annual education and professional development allowance.
• $75 monthly digital reimbursement.
• Access to coaching and growth platform BetterUp.
• Inclusive culture valuing diversity, equity, and belonging.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.

When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.
Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
It compares your profile to the job’s core requirements and past success factors to determine your match score.
Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.

The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.

Thank you for your interest!

#LI-CL1