Security Researcher – Supply Chain & Malware Analysis

About the role

We are seeking an experienced Security Researcher to join a cutting‑edge cybersecurity team in Switzerland. The role focuses on defending modern software ecosystems by investigating supply‑chain attacks, analysing malware and building innovative detection tools.

Key responsibilities

• Conduct in‑depth research on software supply‑chain threats, emerging attack techniques and advanced adversary behaviours.
• Analyze, reverse‑engineer and investigate malware, vulnerabilities and malicious software packages.
• Design, develop and maintain open‑source tools that improve detection, analysis and prevention of supply‑chain attacks.
• Research threat actors and APT groups, documenting their tactics, techniques and procedures.
• Produce high‑quality research reports, whitepapers and technical documentation for internal and external audiences.
• Lead research initiatives from concept through implementation, ensuring accuracy and innovation.
• Collaborate with engineering, product and security teams to enhance detection capabilities and platform resilience.
• Continuously monitor evolving cybersecurity trends affecting open‑source and cloud‑native environments.

Required profile

• Minimum 5 years of experience in cybersecurity research, threat research, malware analysis or vulnerability research.
• Strong software development background with a proven record of delivering production‑quality tools.
• Deep understanding of the Software Development Lifecycle, DevSecOps practices and modern CI/CD pipelines.
• Knowledge of software supply‑chain security and open‑source package ecosystems such as npm, PyPI or Maven.
• Experience leveraging AI‑powered tools to enhance research and automation workflows.

Required skills

• Malware analysis and reverse engineering
• Software development (production‑grade tooling)
• CI/CD and DevSecOps
• AI‑enhanced research tools
• Supply‑chain security for open‑source ecosystems