About WideField Security

At WideField Security, our mission is simple and ambitious: we stop identity breaches. Eighty percent of today’s attacks start with an identity incident, yet enterprises still lack visibility and control over how identities are used, shared, and abused. WideField was founded to solve this problem by providing a new layer of protection focused on identities in use. Our platform continuously monitors every human and non-human session across applications and cloud environments to detect identity-based threats in real time.

We are an early-stage, high-growth cybersecurity startup backed by Crosspoint Capital Partners and Engineering Capital. We have already achieved early success with enterprise customers who believe that the next frontier of security lies in protecting identities, not just credentials.

What You Bring:

As the Security Threat Researcher you will:

Adversary Simulation and Detection Efficacy Testing:
- Design and execute realistic red team exercises, including testing scenarios against critical third-party services (IAM/IaaS/SaaS).
- Simulate sophisticated identity theft attacks (e.g., using techniques like AiTM with tools like Evilginx or simulating Infostealer activities) to find ways to steal credentials and gain unauthorized access.
- Operate within controlled test environments leveraging technologies such as EDR/IaaS/SaaS.
- Generate authentic logs from successful attack simulations to train and validate our product's detection models.
- Develop new and novel attack variations to test the resilience and potential bypasses of existing detection mechanisms.

Manual Threat Hunting and Intelligence:
- Conduct deep-dive manual threat hunting exercises within test systems and identify nascent or existing adversary TTPs not yet covered by automated detections.
- Synthesize hunting findings to provide actionable input for the development of new, high-fidelity security detections.

Product Security Enhancement:
- Proactively research and find vulnerabilities within our core product and infrastructure.
- Examine the product from the perspective of a motivated attacker to identify weaknesses in design, implementation, and deployment.
- Perform assisted penetration testing (leveraging source code knowledge) and internal red-team exercises with the engineering teams to harden the product before release.

Dark Web and Open Source Threat Intelligence (OSINT):
- Monitor dark web forums, marketplaces, and other restricted communities to find information on relevant threat actor activities, data breaches, and emerging TTPs.
- Translate gathered threat intelligence into practical recommendations and TTPs for product testing and feature development.

What You Bring:
- Red Teaming/Adversary Simulation: Proven hands-on experience designing and executing complex, multi-stage red team operations.
- Cloud Security Expertise: Strong practical knowledge of security controls and common attack vectors within AWS environments.
- Identity and SaaS Application Attacks: Deep understanding of attacks targeting IDP/IAM, IaaS and SaaS environments.
- Offensive Tooling: Hands-on experience with tools used for simulating credential theft, phishing (e.g., Evilginx), and malware simulation (e.g., Infostealers).
- Detection Engineering Knowledge: Fundamental understanding of how security products generate detections (e.g., EDR, SIEM) and the ability to generate data/logs suitable for training and testing.
- Technical Depth: Proficiency in at least one scripting language (e.g., Python, Go) for developing custom attack tools and automating tasks.

What Makes You a Great Fit:
- Vulnerability Research: Experience with fuzzing, binary analysis, and finding zero-day or N-day vulnerabilities in software.
- Threat Intelligence: Experience collecting, analyzing, and synthesizing threat intelligence from various sources, including the dark web.
- Container and Orchestration Security: Knowledge of securing containerized environments and Kubernetes.
- Excellent Communication: Ability to clearly document and articulate complex technical findings, attack paths, and detection recommendations to both technical and non-technical audiences.

Startup DNA

At WideField, we are building something that has never been done before. That requires a special kind of person. We are looking for someone who:
- Is a self-starter who takes ownership from day one.
- Can operate creatively and efficiently on a startup budget.
- Shows perseverance and grit, is not afraid to experiment, fail fast, learn, and improve.
- Brings a positive, can-do attitude and thrives in a collaborative, high-trust culture.

Core Qualifications:
- Design and Development: Lead the end-to-end design, development, and deployment of new features and services across our platform.
- Backend Engineering: Build and maintain scalable, high-performance APIs and microservices using Node.js, Nest.js, and Golang.
- Frontend Engineering: Develop responsive, high-quality user interfaces and reusable components using React.
- Technical Leadership: Take ownership of complex technical domains, from initial concept through production deployment and monitoring.
- Startup Mindset: Exhibit a strong sense of urgency and bias for action by rapidly iterating, solving problems, and delivering results in ambiguous or fast-changing situations.
- Collaboration: Work closely with product managers, designers, and other engineers to define specifications and deliver a cohesive user experience.
- Code Quality: Uphold and promote engineering best practices, including robust testing, code reviews, and performance optimization.
- Frontend Expertise: Deep proficiency in React (hooks, state management, routing) and modern JavaScript (ES6+), HTML5, and CSS.
- Backend Expertise (Primary): Strong professional experience with Node.js and the Nest.js framework.
- Backend Expertise (Secondary): Hands-on experience developing services in Golang (Go), demonstrating an ability to choose the right tool for performance-critical tasks.
- Architecture: Experience designing and working with RESTful APIs, microservices architecture, and relational/NoSQL databases.
- DevOps: Familiarity with cloud platforms (e.g., AWS) and CI/CD pipelines is a plus.

What Makes You a Great Fit:
- Problem Solver: A strong, demonstrated ability to analyze complex issues and devise effective, long-term technical solutions.
- CyberSecurity Experience: Knowledge of common security vulnerabilities, defensive coding practices, and experience implementing security features in backend services.
- Excellent Debugging Skills: Ability to quickly isolate, diagnose, and resolve complex production issues.
- Ownership and Responsibility: Proactive approach with a strong sense of ownership over the product, code quality, and system reliability.
- Metrics and Alerting: Experience implementing robust monitoring, logging, and alerting systems (e.g., Prometheus, Grafana, Datadog) to ensure system health and performance.

Core Qualifications:
- Building Highly Scalable Microservices: Proven track record of designing and implementing distributed systems and microservice architectures that handle high traffic and volume.
- Containerization Platforms: Deep expertise with container technologies (e.g., Docker) and orchestration platforms (e.g., Kubernetes).
- AWS (Amazon Web Services): Strong experience with core AWS services (e.g., EC2, S3, Lambda, RDS, VPC, etc.) and building cloud-native applications.
- Databases: Significant experience working with both SQL (e.g., PostgreSQL, MySQL) and NoSQL databases (e.g., MongoDB, Cassandra, Redis), including schema design and optimization.
- OLAP DB: Experience with any OLAP (Online Analytical Processing) database for data warehousing and analytics.
- Datalakes and Stream Processing: Experience working with data lake architectures (e.g., Apache Iceberg) and processing frameworks like Apache Spark and/or Apache Flink for high-volume data ingestion and transformation.
- Metrics and Alerting: Experience implementing robust monitoring, logging, and alerting systems (e.g., Prometheus, Grafana, Datadog) to ensure system health and performance.

What Makes You a Great Fit:
- Golang (Go): Extensive professional experience developing production-grade services in Go.
- Problem Solver: A strong, demonstrated ability to analyze complex issues and devise effective, long-term technical solutions.
- CyberSecurity Experience: Knowledge of common security vulnerabilities, defensive coding practices, and experience implementing security features in backend services.
- Excellent Debugging Skills: Ability to quickly isolate, diagnose, and resolve complex production issues.
- Ownership and Responsibility: Proactive approach with a strong sense of ownership over the product, code quality, and system reliability.

Core Qualifications:
- IaC principles: Design, implement, and manage highly available, scalable, and secure cloud infrastructure using Infrastructure as Code (IaC) principles.
- AWS (Amazon Web Services): Extensive hands-on experience designing, deploying, and managing production workloads in AWS.
- Kubernetes: Deep expertise in container orchestration using Kubernetes, including cluster setup, maintenance, and deployment strategies.
- ArgoCD: Proven experience implementing GitOps workflows and managing application deployments using ArgoCD.
- Spark/EMR/Flink: Experience with data processing and big data technologies, specifically using Apache Spark, preferably within the AWS EMR service.
- Setting up Metrics and Alerting: Expertise in implementing robust monitoring, logging, and alerting systems (e.g., Prometheus, Grafana) to proactively ensure system health and performance.
- Kafka: Expertise in deploying, managing, and optimizing high-throughput, fault-tolerant Kafka clusters.
- Data Stores: Manage and optimize data stores (PostgreSQL, NoSQL databases, OLAP systems, Apache Iceberg, etc.).
- Security Best Practices: Ensure security best practices are implemented and maintained across the entire infrastructure and application lifecycle.
- Vulnerability Patching: Experience managing and automating the process of identifying, testing, and applying security patches and updates across systems.
- Setting up and Maintaining CI/CD Pipelines: Extensive practical experience designing and maintaining high-quality, automated CI/CD pipelines (e.g., using GitHub Actions, ArgoCD).
- Cost Optimization: Demonstrated experience in monitoring, analyzing, and optimizing cloud resource usage and costs within AWS.

What Makes You a Great Fit:
- Problem Solver: A strong, demonstrated ability to analyze complex infrastructure issues and devise effective, long-term technical solutions.
- CyberSecurity Experience: Knowledge of common security vulnerabilities, defensive configuration practices, and experience implementing security features within cloud infrastructure.
- Excellent Debugging Skills: Ability to quickly isolate, diagnose, and resolve complex production and infrastructure issues.
- Ownership and Responsibility: Proactive approach with a strong sense of ownership over system reliability, security, and operational efficiency.
- Super Obsessed with Building and Maintaining Secure Environments: A genuine passion for creating and enforcing stringent security standards and practices.
About WideField Security At WideField Security , our mission is simple and ambitious: we stop identity breaches . Eighty percent of today’s attacks start with an identity incident, yet enterprises still lack visibility and control over how identities are used, shared, and abused. WideField was founded to solve this problem by providing a new layer of protection focused on identities in use . Our platform continuously monitors every human and non-human session across applications and cloud environments to detect identity-based threats in real time. We are an early-stage, high-growth cybersecurity startup backed by Crosspoint Capital Partners and Engineering Capital . We have already achieved early success with enterprise customers who believe that the next frontier of security lies in protecting identities, not just credentials. Core Qualifications : Design and Development: Lead the end-to-end design, development, and deployment of new features and services across our platform. Backend Engineering: Build and maintain scalable, high-performance APIs and microservices using Node.js, Nest.js, and Golang . Frontend Engineering: Develop responsive, high-quality user interfaces and reusable components using React . Technical Leadership: Take ownership of complex technical domains, from initial concept through production deployment and monitoring. Startup Mindset: Exhibit a strong sense of urgency and bias for action by rapidly iterating, solving problems, and delivering results in ambiguous or fast-changing situations. Collaboration: Work closely with product managers, designers, and other engineers to define specifications and deliver a cohesive user experience. Code Quality: Uphold and promote engineering best practices, including robust testing, code reviews, and performance optimization. Frontend Expertise: Deep proficiency in React (hooks, state management, routing) and modern JavaScript (ES6+), HTML5, and CSS. 
Backend Expertise (Primary): Strong professional experience with Node.js and the Nest.js framework. Backend Expertise (Secondary): Hands-on experience developing services in Golang (Go) , demonstrating an ability to choose the right tool for performance-critical tasks. Architecture: Experience designing and working with RESTful APIs, microservices architecture, and relational/NoSQL databases. DevOps: Familiarity with cloud platforms (e.g. AWS) and CI/CD pipelines is a plus. What Makes You a Great Fit: Problem Solver: A strong, demonstrated ability to analyze complex issues and devise effective, long-term technical solutions. CyberSecurity Experience: Knowledge of common security vulnerabilities, defensive coding practices, and experience implementing security features in backend services. Excellent Debugging Skills: Ability to quickly isolate, diagnose, and resolve complex production issues. Ownership and Responsibility: Proactive approach with a strong sense of ownership over the product, code quality, and system reliability. Metrics and Alerting: Experience implementing robust monitoring, logging, and alerting systems (e.g., Prometheus, Grafana, Datadog) to ensure system health and performance. Startup DNA At WideField, we are building something that has never been done before. That requires a special kind of person. We are looking for someone who: Is a self-starter who takes ownership from day one. Can operate creatively and efficiently on a startup budget. Shows perseverance and grit, is not afraid to experiment, fail fast, learn, and improve. Brings a positive, can-do attitude and thrives in a collaborative, high-trust culture
About WideField Security At WideField Security , our mission is simple and ambitious: we stop identity breaches . Eighty percent of today’s attacks start with an identity incident, yet enterprises still lack visibility and control over how identities are used, shared, and abused. WideField was founded to solve this problem by providing a new layer of protection focused on identities in use . Our platform continuously monitors every human and non-human session across applications and cloud environments to detect identity-based threats in real time. We are an early-stage, high-growth cybersecurity startup backed by Crosspoint Capital Partners and Engineering Capital . We have already achieved early success with enterprise customers who believe that the next frontier of security lies in protecting identities, not just credentials. Core Qualifications : Building Highly Scalable Microservices: Proven track record of designing and implementing distributed systems and microservice architectures that handle high traffic and volume. Containerization Platforms: Deep expertise with container technologies (e.g., Docker) and orchestration platforms (e.g., Kubernetes). AWS (Amazon Web Services): Strong experience with core AWS services (e.g., EC2, S3, Lambda, RDS, VPC etc.) and building cloud-native applications. Databases: Significant experience working with both SQL (e.g., PostgreSQL, MySQL) and NoSQL databases (e.g., MongoDB, Cassandra, Redis), including schema design and optimization. OLAP DB: Experience with any OLAP (Online Analytical Processing) database for data warehousing and analytics. Datalakes and Stream Processing: Experience working with data lake architectures (e.g., Apache Iceberg) and processing frameworks like Apache Spark and/or Apache Flink for high-volume data ingestion and transformation. 
Metrics and Alerting: Experience implementing robust monitoring, logging, and alerting systems (e.g., Prometheus, Grafana, Datadog) to ensure system health and performance. What Makes You a Great Fit: Golang (Go): Extensive professional experience developing production-grade services in Go. Problem Solver: A strong, demonstrated ability to analyze complex issues and devise effective, long-term technical solutions. CyberSecurity Experience: Knowledge of common security vulnerabilities, defensive coding practices, and experience implementing security features in backend services. Excellent Debugging Skills: Ability to quickly isolate, diagnose, and resolve complex production issues. Ownership and Responsibility: Proactive approach with a strong sense of ownership over the product, code quality, and system reliability. Startup DNA At WideField, we are building something that has never been done before. That requires a special kind of person. We are looking for someone who: Is a self-starter who takes ownership from day one. Can operate creatively and efficiently on a startup budget. Shows perseverance and grit, is not afraid to experiment, fail fast, learn, and improve. Brings a positive, can-do attitude and thrives in a collaborative, high-trust culture
About WideField Security At WideField Security , our mission is simple and ambitious: we stop identity breaches . Eighty percent of today’s attacks start with an identity incident, yet enterprises still lack visibility and control over how identities are used, shared, and abused. WideField was founded to solve this problem by providing a new layer of protection focused on identities in use . Our platform continuously monitors every human and non-human session across applications and cloud environments to detect identity-based threats in real time. We are an early-stage, high-growth cybersecurity startup backed by Crosspoint Capital Partners and Engineering Capital . We have already achieved early success with enterprise customers who believe that the next frontier of security lies in protecting identities, not just credentials. What You Bring: As the Security Threat Researcher you will: Adversary Simulation and Detection Efficacy Testing: Design and execute realistic red team exercises, including testing scenarios against critical third-party services (IAM/ Iaas/Saas). Simulate sophisticated identity theft attacks (e.g., using techniques like AiTM with tools like Evilginx or simulating Infostealer activities) to find ways to steal credentials and gain unauthorized access. Operate within controlled test environments leveraging technologies such as EDR/Iaas/Saas. Generate authentic logs from successful attack simulations to train and validate our product's detection models. Develop new and novel attack variations to test the resilience and potential bypasses of existing detection mechanisms. Manual Threat Hunting and Intelligence: Conduct deep-dive manual threat hunting exercises within test systems and identify nascent or existing adversary TTPs not yet covered by automated detections. Synthesize hunting findings to provide actionable input for the development of new, high-fidelity security detections. 

Product Security Enhancement:
Proactively research and find vulnerabilities within our core product and infrastructure.
Examine the product from the perspective of a motivated attacker to identify weaknesses in design, implementation, and deployment.
Perform assisted penetration testing (leveraging source code knowledge) and internal red-team exercises with the engineering teams to harden the product before release.

Dark Web and Open Source Threat Intelligence (OSINT):
Monitor dark web forums, marketplaces, and other restricted communities to find information on relevant threat actor activities, data breaches, and emerging TTPs.
Translate gathered threat intelligence into practical recommendations and TTPs for product testing and feature development.

What You Bring:
Red Teaming/Adversary Simulation: Proven hands-on experience designing and executing complex, multi-stage red team operations.
Cloud Security Expertise: Strong practical knowledge of security controls and common attack vectors within AWS environments.
Identity and SaaS Application Attacks: Deep understanding of attacks targeting IDP/IAM, IaaS and SaaS environments.
Offensive Tooling: Hands-on experience with tools used for simulating credential theft, phishing (e.g., Evilginx), and malware simulation (e.g., Infostealers).
Detection Engineering Knowledge: Fundamental understanding of how security products generate detections (e.g., EDR, SIEM) and the ability to generate data/logs suitable for training and testing.
Technical Depth: Proficiency in at least one scripting language (e.g., Python, Go) for developing custom attack tools and automating tasks.

What Makes You a Great Fit:
Vulnerability Research: Experience with fuzzing, binary analysis, and finding zero-day or N-day vulnerabilities in software.
Threat Intelligence: Experience collecting, analyzing, and synthesizing threat intelligence from various sources, including the dark web.
Container and Orchestration Security: Knowledge of securing containerized environments and Kubernetes.
Excellent Communication: Ability to clearly document and articulate complex technical findings, attack paths, and detection recommendations to both technical and non-technical audiences.

Startup DNA
At WideField, we are building something that has never been done before. That requires a special kind of person. We are looking for someone who:
Is a self-starter who takes ownership from day one.
Can operate creatively and efficiently on a startup budget.
Shows perseverance and grit, is not afraid to experiment, fail fast, learn, and improve.
Brings a positive, can-do attitude and thrives in a collaborative, high-trust culture.

About WideField Security
At WideField Security, our mission is simple and ambitious: we stop identity breaches. Eighty percent of today’s attacks start with an identity incident, yet enterprises still lack visibility and control over how identities are used, shared, and abused. WideField was founded to solve this problem by providing a new layer of protection focused on identities in use. Our platform continuously monitors every human and non-human session across applications and cloud environments to detect identity-based threats in real time.
We are an early-stage, high-growth cybersecurity startup backed by Crosspoint Capital Partners and Engineering Capital. We have already achieved early success with enterprise customers who believe that the next frontier of security lies in protecting identities, not just credentials.

Core Qualifications:
IaC principles: Design, implement, and manage highly available, scalable, and secure cloud infrastructure using Infrastructure as Code (IaC) principles.
AWS (Amazon Web Services): Extensive hands-on experience designing, deploying, and managing production workloads in AWS.
Kubernetes: Deep expertise in container orchestration using Kubernetes, including cluster setup, maintenance, and deployment strategies.
ArgoCD: Proven experience implementing GitOps workflows and managing application deployments using ArgoCD.
Spark/EMR/Flink: Experience with data processing and big data technologies, specifically using Apache Spark, preferably within the AWS EMR service.
Setting up Metrics and Alerting: Expertise in implementing robust monitoring, logging, and alerting systems (e.g., Prometheus, Grafana) to proactively ensure system health and performance.
Kafka: Expertise in deploying, managing, and optimizing high-throughput, fault-tolerant Kafka clusters.
Data Stores: Manage and optimize data stores (PostgreSQL, NoSQL databases, OLAP systems, Apache Iceberg, etc.).
Security Best Practices: Ensure security best practices are implemented and maintained across the entire infrastructure and application lifecycle.
Vulnerability Patching: Experience managing and automating the process of identifying, testing, and applying security patches and updates across systems.
Setting up and Maintaining CI/CD Pipelines: Extensive practical experience designing and maintaining high-quality, automated CI/CD pipelines (e.g., using GitHub Actions, ArgoCD).
Cost Optimization: Demonstrated experience in monitoring, analyzing, and optimizing cloud resource usage and costs within AWS.

What Makes You a Great Fit:
Problem Solver: A strong, demonstrated ability to analyze complex infrastructure issues and devise effective, long-term technical solutions.
CyberSecurity Experience: Knowledge of common security vulnerabilities, defensive configuration practices, and experience implementing security features within cloud infrastructure.
Excellent Debugging Skills: Ability to quickly isolate, diagnose, and resolve complex production and infrastructure issues.
Ownership and Responsibility: Proactive approach with a strong sense of ownership over system reliability, security, and operational efficiency.
Super Obsessed with Building and Maintaining Secure Environments: A genuine passion for creating and enforcing stringent security standards and practices.

Startup DNA
At WideField, we are building something that has never been done before. That requires a special kind of person. We are looking for someone who:
Is a self-starter who takes ownership from day one.
Can operate creatively and efficiently on a startup budget.
Shows perseverance and grit, is not afraid to experiment, fail fast, learn, and improve.
Brings a positive, can-do attitude and thrives in a collaborative, high-trust culture.