logo
All Jobs

Security Researcher

Remote · Full-time · Middle/Senior

About The Company

MWDN is a global IT outstaffing company with 23+ years of experience that connects exceptional tech talent with leading companies across Israel, the USA, Great Britain, and Western Europe. We offer opportunities to work on international products in a stable and professional environment.

Why does MWDN rock?

Here’s what you can expect when you join MWDN:

  • Security: We carefully vet our clients to minimize risks and ensure reliability and timely payments—no fraud or unpleasant surprises.
  • Career support: If a project isn’t the right fit, we support you and actively help find new opportunities that match your skills and career goals.
  • Legal assistance: We provide guidance on legal matters, including opening and managing your independent contractor or sole proprietorship status, taxes, and related processes.
  • Professional development: We offer English courses and professional growth opportunities, as well as team-building events.

Why choose us? MWDN is ranked among the top 5 IT employers in our region according to DOU. We take pride in our transparency and strong commitment to our team. Curious to learn more? See what our employees say about working with us on DOU.

What is your new project?

  • Domain: Identity and Access Management (IAM) software
  • Location: Israel
  • Company size: 200-500 employees
  • Founded in: 2014

What makes this project exciting?

Are you ready to join a game-changing force in identity and access management? 

Our client is revolutionizing the way enterprises protect user identities in a passwordless world. You'll be working at the intersection of cutting-edge biometrics, behavioral analytics, and next-gen identity orchestration - helping the world’s leading brands safeguard millions of users. Backed by more than 100 M Series A - one of the largest in cybersecurity history - and trusted by major global enterprises, they offer the agility of an innovator with the strength and backing of an industry leader.

Ready to take part in redefining IAM for the modern era? Let’s talk.

What makes you a great fit

  • At least 3 years of experience in security research, fraud research, detection engineering, threat research, mobile security research, browser security research, or a similar hands-on technical role.
  • Bachelor’s degree in Computer Science, Cybersecurity, Data Science, or a related field, or equivalent hands-on experience.
  • Strong hands-on experience with at least one of the following areas: Desktop or mobile browsers, browser APIs, browser automation, browser fingerprinting, web signals, or client-side web security. Native mobile applications for Android or iOS, mobile OS behavior, device signals, emulators, mobile automation, app instrumentation, or mobile security.
  • Strong understanding of web technologies, mobile technologies, APIs, application behavior, and modern attack techniques.
  • Strong Python skills and experience building research tools, automation, data analysis workflows, detection prototypes, or feature engineering pipelines.
  • Experience analyzing messy real-world data, investigating anomalies, validating hypotheses, and drawing practical conclusions from incomplete information.
  • Familiarity with machine learning training and validation concepts, such as train/test split, validation sets, overfitting, leakage, feature quality, precision/recall, false positives, false negatives, and model evaluation.
  • Ability to produce data features in a structured, reliable, and model-friendly way.
  • Ability to think like an attacker while designing reliable, scalable, and explainable defenses.
  • Strong problem-solving skills, independence, persistence, and a “getting things done” attitude.
  • Ability to work closely with engineering, product, and data science teams and translate research insights into practical product capabilities.
  • At least an upper-intermediate level of English.

Will be a plus:

  • Experience with both browser-based and mobile-native research.
  • Experience with fraud domains such as account takeover, new account fraud, identity theft, money mule activity, payment fraud, or first-party fraud.
  • Knowledge of bots, automation frameworks, credential stuffing, scraping, and anti-detection techniques.
  • Experience with browser internals, JavaScript runtime behavior, DOM APIs, WebView behavior, browser automation, headless browsers, or browser anti-detection techniques.
  • Experience with mobile app lifecycle, permissions, sensors, networking, storage, mobile identifiers, rooted/jailbroken devices, hooking, instrumentation, repackaging, or anti-tampering techniques.
  • Experience with browser fingerprinting, mobile fingerprinting, device intelligence, behavioral biometrics, or client-side telemetry.
  • Experience with malware analysis, phishing kits, remote access tools, proxy/VPN infrastructure, or underground fraud ecosystems.
  • Experience with detection quality measurement, false-positive analysis, rule tuning, model evaluation, feature evaluation, or production monitoring.
  • Experience using notebooks, pandas, SQL, data visualization tools, or other analysis environments for research and validation.
  • Experience working with data scientists, ML engineers, or ML training pipelines.

Your day-to-day in this position

  • Research emerging fraud and abuse techniques across account takeover, bots, automation, phishing, social engineering, device spoofing, emulators, remote access tools, suspicious network infrastructure, and related attack vectors.
  • Identify, design, and validate new data collection opportunities, security signals, behavioral patterns, device indicators, browser indicators, and mobile app indicators.
  • Analyze real-world telemetry, customer-provided labels, behavioral signals, device signals, network indicators, and attack patterns to identify detection opportunities.
  • Reproduce attacker techniques in lab and production-like environments, generate telemetry, identify detection gaps, and translate findings into detection logic.
  • Design, validate, and tune detection and prevention mechanisms with attention to coverage, explainability, false positives, customer impact, and production stability.
  • Build research infrastructure, analysis workflows, and internal tools using Python.
  • Produce robust data features that can later be used by machine learning models, detection logic, rules, dashboards, and customer-facing insights.
  • Work with model training pipelines, evaluate model behavior, compare training and validation results, and help determine whether new features improve detection quality.
  • Collaborate closely with data science, engineering, and product teams to take ideas from research hypothesis through validation, implementation, monitoring, and production feedback.
  • Stay up to date with fraud trends, attacker tooling, automation frameworks, browser abuse techniques, mobile abuse techniques, malware behavior, phishing techniques, and underground ecosystem developments.
  • Communicate findings clearly to technical and non-technical stakeholders, including recommended actions, tradeoffs, expected impact, and model/detection quality considerations.

Why work with us?

  • People-first management with minimal bureaucracy
  • A friendly company culture, proven by employees who choose to return
  • Flexible working hours
  • Full financial and legal support for independent contractors
  • Free English classes, with native speakers or Ukrainian teachers
  • Dedicated HR support

Our next steps

✅ Intro call with a Recruiter — ✅ Intro call with client — ✅ Technical interview — ✅ CTO interview — ✅ HR interview — ✅ Reference check — ✅ Offer

Oleksandra Studenikina・Recruiter
LinkedIn Oleksandra Studenikina
+380 99 437 76 20・Telegram