Security Product Researcher

Do you want to help make the world safe from cyber attack?

At Corelight, we believe that the best approach to cybersecurity risk starts with the network. Attackers can evade endpoint detection, firewalls and many other technologies - but they can’t avoid leaving digital footprints on the networks they traverse. Built on open-source innovations from Zeek, Suricata and YARA and refined through years of real-world use, Corelight transforms network footprints from physical, virtual and cloud networks into actionable insights. Our customers use these insights to speed incident response and proactively hunt for threats.

Role

As an Security Product Researcher at Corelight, you will collaborate closely with product management, engineering, and network security experts to investigate, design, test, and construct solutions for complex network security challenges. You will play a pivotal role in defining what is achievable for future Corelight products and setting the benchmark for network detection in the cybersecurity landscape.

Responsibilities

• Turn theory into code with rapid prototyping. You will lead early development initiatives by coding and scripting rapid prototypes (using tools like Zeek, Suricata, and AI/LLMs) to prove that a problem can be solved before we commit engineering scale.
• Demonstrate a proven ability to utilize AI, including Large Language Models (LLMs) and agentic systems, for both software development and cybersecurity applications.
• Work in close partnership with leaders in product, research, and engineering on the forthcoming generation of network security AI products.
• Manage and advance projects from their initial concept to customer deployment and testing, demonstrating an ability to iterate quickly and effectively.
• Harness existing capabilities to find innovative ways to enhance the usability, deployment, and consumption of Corelight products.
• Cultivate new product ideas and features, driven by a strong sense of curiosity and a passion for innovation.
• Champion innovation within Corelight and its customer base.

Qualifications

• A strong dedication to our core values: low-ego results, tireless service, and applied curiosity.
• 5+ years of experience in agile development within a full-stack environment with demonstrated experience in LLM and agentic AI ecosystems.
• A solid grasp of the cybersecurity landscape, with a particular emphasis on network detection and response.
• The ability to work autonomously, manage multiple tasks, and iterate on solutions with speed and efficiency while proactively communicating progress, sharing updates without prompting, and building solutions in a transparent, followable way that keeps stakeholders informed at every stage.
• Understanding of computer networking, including layers 2-7 of the OSI model and their contributions to network operations and security.
• A thorough understanding of network security concepts, including encryption, protocol abuse, and patterns of attack.
• Understanding of security operations, threat hunting, and incident response procedures.
• Customer-centric communication skills for effective interaction both internally and with external stakeholders.

Preferred Qualifications

• Hands-on experience with Security Information and Event Management (SIEM) systems such as Splunk or Elastic.
• A strong background in adopting and utilizing Agile development methodologies and tools, with experience working in a distributed team environment.
• Exceptional communication skills, with a history of successful collaboration across UX, engineering, and product teams.
• Familiarity with data analytics, AI-assisted security decision-making, and automation.
• Education: A degree in Computer Science, Cybersecurity, or a related technical field (or equivalent practical experience).