Security Researcher

About Iru Iru is the AI-powered security & IT platform used by the world’s fastest-growing companies to secure their users, apps, and devices. Built for the AI era, Iru unifies identity & access, endpoint security & management, and compliance automation—collapsing the stack and giving IT & security time and control back. Iru is backed by some of the smartest investors in tech—General Catalyst, Tiger Global, Felicis, Greycroft, and First Round Capital. In July 2024, Iru raised $100 million from General Catalyst, valuing the company at $850 million. Customers include Notion, Cursor, Lovable, Replit, and Mercor, and Iru partners with industry leaders such as ServiceNow and AWS. Iru was named to Forbes’ America’s Best Startup Employers 2025 list for employee engagement and satisfaction. The Opportunity We are looking for a Security Researcher specializing in Windows and macOS threat detection to join our small, focused Threat Intelligence and Research team. In this role, you'll research, analyze, and develop robust file-based and behavioral detections targeting malware, threat actors, and attack methodologies across both platforms. You'll be a direct contributor to both our EDR and Vulnerability products — bringing research depth that spans threat detection and the full vulnerability lifecycle. You'll also help raise the team's external profile through published research and conference talks. As part of a small team, you'll have significant ownership over your work and a direct impact on the direction of our research and products. Benefits & Perks Competitive salary Hybrid work environment (3 days in office per week) 100% individual and dependent medical + dental + vision coverage 401(K) with a 4% company match 20 days PTO Iru Wellness Week the first week in July Equity for full-time employees In-office lunch stipend provided Up to 16 weeks of paid leave for new parents Paid Family and Medical Leave Modern Health mental health benefits for individuals and dependents Fertility benefits Working Advantage employee discounts Onsite fitness center Free parking Exciting opportunities for career growth We are excited to be serving a significant need for a fast-growing market, and are proud of the high-performing team we have brought together so far. If you’re someone who wants to engage in new, exciting projects that will challenge your skills in the best way possible, we would love to connect with you. At Iru, we believe in fostering an inclusive environment in which employees feel encouraged to share their unique perspectives, leverage their strengths, and act authentically. We know that diverse teams are strong teams, and welcome those from all backgrounds and varying experiences. Iru is proud to be an equal opportunity employer committed to diversity and inclusion in the workplace. Qualified applicants will be considered for employment without regard to race, color, religion, national origin, age, sex, sexual orientation, gender identity, physical or mental disability, protected veteran or military status or any other status protected by applicable law. #LI-Hybrid What You'll Do Perform in-depth analysis of malware and adversarial behavior across Windows and macOS to identify detection opportunities. Develop and enhance detection rules and behavioral analytics for both platforms, integrated into our EDR product. Collaborate with engineering teams to incorporate detection logic into our cross-platform security agent. Actively contribute to both our EDR and vulnerability products — spanning threat detection and the full vulnerability lifecycle: discovery, product coordination,CVE publications/submissions, and public disclosure. Research and develop new vulnerability detection methods. Continuously monitor emerging threats and trends across Windows and macOS ecosystems. Contribute to the product roadmap for both EDR and vulnerability products by surfacing research-driven insights and detection capability recommendations. Author blog posts and present findings at industry conferences to contribute to the broader security community. Document and communicate research findings clearly, both internally and externally. What You'll Bring 3–5 years of experience in cybersecurity, with hands-on focus on malware analysis and threat research across Windows and/or macOS. Proven experience developing file-based and behavioral detections for endpoints (YARA, Sigma). Solid understanding of the vulnerability research lifecycle: discovery through coordinated disclosure and CVE ecosystem. Experience with malware analysis tools and techniques (Binary Ninja, WinDbg, Sysinternals, or Mac Monitor). Strong understanding of OS internals and endpoint security mechanisms on Windows and/or macOS (Endpoint Security APIs). Demonstrated ability to communicate research externally — blog posts, conference talks, or published work. Preferred Qualifications Experience developing or contributing to EDR or next-gen antivirus products. Experience leveraging AI tools to accelerate threat research, detection development, and analysis workflows. Familiarity with both Windows and macOS threat landscapes and platform-specific attack techniques. Proficiency with security-focused scripting and data analysis (Python, PowerShell, Bash, etc.). Demonstrated ability to assess and prioritize vulnerabilities using industry-standard frameworks and data sources (including advisories, disclosures, severity scoring, and more) with a critical eye for data quality and completeness

{
  "content_hash": "3d9a042a80aa749441b13c702e668cfcc5b4ac388fb40151142534793588a503",
  "source_hash": "864f6493d142d267a25c64ca8177dc6b296e2b44ed0f20ad1d36917e3437fe4d",
  "last_changed_at": "2026-05-29T07:00:32.584Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "Miami",
    "city": "Miami",
    "region": "FL",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.75
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T19:42:37.037Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Miami",
      "city": "Miami",
      "region": "FL",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.75
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "hybrid",
  "salary_period": null,
  "workplace_type": "hybrid",
  "salary_currency": null
}

{}

{
  "lists": [
    {
      "text": "What You'll Do",
      "content": "<div>\n\n<li>Perform in-depth analysis of malware and adversarial behavior across Windows and macOS to identify detection opportunities.</li>\n<li>Develop and enhance detection rules and behavioral analytics for both platforms, integrated into our EDR product.</li>\n<li>Collaborate with engineering teams to incorporate detection logic into our cross-platform security agent.</li>\n<li>Actively contribute to both our EDR and vulnerability products — spanning threat detection and the full vulnerability lifecycle: discovery, product coordination,CVE publications/submissions, and public disclosure.</li>\n<li>Research and develop new vulnerability detection methods.</li>\n<li>Continuously monitor emerging threats and trends across Windows and macOS ecosystems.</li>\n<li>Contribute to the product roadmap for both EDR and vulnerability products by surfacing research-driven insights and detection capability recommendations.</li>\n<li>Author blog posts and present findings at industry conferences to contribute to the broader security community.</li>\n<li>Document and communicate research findings clearly, both internally and externally.</li>\n\n</div>"
    },
    {
      "text": "What You'll Bring",
      "content": "<div>\n\n<li>3–5 years of experience in cybersecurity, with hands-on focus on malware analysis and threat research across Windows and/or macOS.</li>\n<li>Proven experience developing file-based and behavioral detections for endpoints (YARA, Sigma).</li>\n<li>Solid understanding of the vulnerability research lifecycle: discovery through coordinated disclosure and CVE ecosystem.</li>\n<li>Experience with malware analysis tools and techniques (Binary Ninja, WinDbg, Sysinternals, or Mac Monitor).</li>\n<li>Strong understanding of OS internals and endpoint security mechanisms on Windows and/or macOS (Endpoint Security APIs).</li>\n<li>Demonstrated ability to communicate research externally — blog posts, conference talks, or published work.</li>\n\n</div>"
    },
    {
      "text": "Preferred Qualifications",
      "content": "<div>\n\n<li>Experience developing or contributing to EDR or next-gen antivirus products.</li>\n<li>Experience leveraging AI tools to accelerate threat research, detection development, and analysis workflows.</li>\n<li>Familiarity with both Windows and macOS threat landscapes and platform-specific attack techniques.</li>\n<li>Proficiency with security-focused scripting and data analysis (Python, PowerShell, Bash, etc.).</li>\n<li>Demonstrated ability to assess and prioritize vulnerabilities using industry-standard frameworks and data sources (including advisories, disclosures, severity scoring, and more) with a critical eye for data quality and completeness</li>\n\n</div>"
    }
  ],
  "country": "US",
  "createdAt": 1776708179702,
  "updatedAt": null,
  "categories": {
    "team": "Engineering",
    "location": "Miami",
    "commitment": "Full-Time",
    "department": "R&D",
    "allLocations": [
      "Miami"
    ]
  },
  "salaryRange": null,
  "workplaceType": "hybrid"
}