Location: San Francisco

🌍 We’re making security suck less for developers.

Security tools haven’t kept up with how software is built today. They interrupt teams, slow releases, and turn security into a bottleneck instead of a capability. We built Aikido to change that. Aikido builds developer-first security products that reduce real risk without getting in the way of shipping software. We focus on what actually matters and automate the rest.

We’re taking on legacy security tools teams have been stuck with, and we’re winning. If you want to help us take market share and build products developers actually enjoy using, you’re in the right place.

Founded in 2022 by third-time founders, Aikido has $85M in the bank and a long runway ahead. We’re building toward self-securing software. Join an all-star team. Take real ownership. Push boundaries. Build things that matter.

As a Security Researcher, you will be part of the Malware team, which helps protect the broader open-source ecosystem and our customers against the growing threat of malicious packages.

Responsibilities

• Triage packages from our analysis pipeline and validate findings.

• Create new detection rules (OpenGrep + YARA) to catch novel malware patterns and boost detection accuracy.

• Extend support for new programming languages in our analysis pipeline.

• Explore and experiment with cutting-edge tools and techniques to detect malware at scale.

• Write and publish blog posts on novel attacks and large-scale incidents.

• Contribute to internal research and help shape our public research agenda.

• Broad knowledge of programming languages. JavaScript is a must, Python is a huge plus.

• Strong understanding of security principles, standards, and best practices.

• Comfortable researching and tackling hard problems and algorithms (eg, parsing with ASTs)

• Fluent in English.

• Being able to communicate technical details to both technical and non-technical audiences.

• Preference for the US timezone.

• Bonus points:

  • Opengrep (or Semgrep) experience

  • Yara experience

  • Static analysis experience

  • Experience building production-ready systems

What you can expect

• A high-impact role in a fast-growing startup.

• Fast-tracked growth opportunities and increasing responsibilities.

• A competitive salary package.

• A company culture that values openness, informality, and getting sh*t done (see our culture page).

• Flexible working hours and a hybrid work setup.

• You will be recruited based on competencies. Qualities of people are decisive, regardless of gender, religion, ethnic origin, age, sexual orientation, or any disability.