Company Overview: imper.ai delivers a cutting-edge, context-aware, impersonation prevention platform designed to serve as your organization’s first layer of defense. Seamlessly integrated across collaboration tools and communication channels, the solution distinguishes between legitimate and fraudulent communications in real-time, countering even the most sophisticated social engineering tactics.
imper.ai verifies and validates identities during the first part of the encounter, effectively blocking impersonation attempts before they lead to fraud or malicious activity. The solution reduces user friction by eliminating the need for cumbersome pre-registration, while our zero retention policy ensures complete privacy.
About the Role: We’re hiring a hands-on Security Researcher to dive deep into browsers, renderers, and network stacks to uncover how systems expose subtle signals and behaviors across privacy and anonymization boundaries. You’ll explore what can be inferred about external infrastructure, design, and validate data-driven techniques, and turn research into working prototypes and production systems. This role is highly collaborative with engineering and product — perfect for someone with an attacker’s mindset, a strong sense of ownership, and a drive to turn complex technical exploration into real-world impact.
Responsibilities:
- Dive deep into browsers, OS behaviors, web protocols, and communication platforms to explore how real-world systems expose subtle signals and identity flows.
- Model adversarial techniques and simulate attacker behavior to understand what can be learned about how different infrastructures are built and operate.
- Prototype and validate ideas through working tools, PoCs, or small-scale experiments that inform production development.
- Stay ahead of evolving attacker tactics and continuously refine our understanding of the ecosystem.
Must-Haves:
- Solid background in security research with hands-on experience in one or more of:
- Browser internals — sandboxing, profiles, JIT/runtime behavior
- OS internals — kernels, system calls, IPC
- Communication protocols — IP, TCP, TLS, and related network primitives
- An attacker’s mindset — whether developed through red teaming, CTFs, bug bounties, reverse engineering, or sheer curiosity.
- Comfortable joining and contributing within a close-knit research + engineering team — you’ll collaborate, iterate, and ship together.
- Proven ability to deliver working proofs-of-concept or methods that can be hardened and moved into production (not just written reports).
Significant Advantages:
- Hands-on experience with device and network fingerprinting methods and measurement techniques.,
- Experience analyzing or building defenses against phishing, spoofing, or impersonation techniques.
- Background in threat intelligence, abuse detection, or understanding large-scale adversarial behavior.
- Prior work in cybersecurity startups or applied research environments where speed and impact matter.
- Familiarity with AI-assisted development workflows (e.g., Cursor, Copilot) and modern research tooling.
- Public research, open-source contributions, or conference talks that show initiative and curiosity beyond day-to-day work.