Associate Security Researcher
The Role
At Cobalt, we are evolving the way we approach security research. We are looking for an Associate Security Researcher who doesn't just want to 'break things,' but who wants to understand the why and how behind the defense.
This is a unique 'Purple Team' role. We are looking for a candidate with a strong foundational background in Systems Administration who wants to transition into security research. You will be the bridge between red and blue—using your knowledge of how systems are built to help us identify how they are compromised and, more importantly, how to protect them.
What You’ll Do
As an Associate on this team, you will be the backbone of our research operations. You will handle the foundational 'grunt work' that powers our high-level research while being mentored to become a full-scale Security Researcher.
Foundation & Infrastructure: Leverage your sysadmin background to set up research environments, manage lab infrastructure, and ensure our tooling is stable.
Purple Team Collaboration: Assist in simulating threats (Red) while documenting detection gaps and defensive improvements (Blue).
Research Support: Perform data collection, log analysis, and initial vulnerability triaging to support Senior Researchers.
Documentation: Maintain high-quality documentation of research findings, scripts, and internal wikis.
Continuous Learning: Engage in a structured growth path to evolve from foundational sysadmin/support tasks into deep offensive security research.
Perform technical authorship and quality control for the TPM organization by reviewing penetration testing findings and final reports to ensure accuracy and actionable remediation guidance.
Who You Are
We aren't looking for a 'hardcore pentester' who only cares about the exploit. We want a curious, methodical problem-solver who understands how a network breathes.
Required Qualifications:
The Sysadmin Spirit: You have a background in systems administration or IT operations. You understand servers, networking, permissions, and logs because you’ve managed them.
Security Mindset: You have a strong grasp of security fundamentals and likely hold certifications such as Security+, CySA+, GSEC, or are working toward an OSCP.
Pentesting Awareness: You understand the methodology of a penetration test (recon, scanning, exploitation), even if you haven't been a full-time pentester yet.
US-Based: For logistical and compliance reasons, this role is strictly limited to candidates residing in the United States.
Time Zone Alignment: Preference will be given to candidates in EST or CST to align with our team’s morning-heavy meeting schedule.
Bonus Points if:
You have experience with automation (Python, Bash, or PowerShell).
You have an interest in cloud security (AWS/GCP/Azure).
You enjoy 'tinkering' in a home lab environment.
Why You Should Join Us
Grow in a passionate, rapidly expanding industry operating at the forefront of the Pentesting industry
Work directly with experienced senior leaders with ongoing mentorship opportunities
Earn competitive compensation and an attractive equity plan
Save for the future with a 401(k) program (US) or pension (EU)
Benefit from medical, dental, vision and life insurance (US) or statutory healthcare (EU)
Leverage stipends for:
Wellness
Work-from-home equipment & wifi
Learning & development
Make the most of our flexible, generous paid time off, and paid parental leave
Pay Range Disclosure
Cobalt is committed to fair and equitable compensation practices. The salary range for this role is ($55k - 85k ) per year + equity + benefits. A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, and certifications. The salary range may differ in other states and may be impacted by proximity to major metropolitan cities.
Cobalt (the 'Company') is an equal opportunity employer, and we want the best available persons for every job. The Company makes employment decisions only based on merit. It is the Company's policy to prohibit discrimination in any employment opportunity (including but not limited to recruitment, employment, promotion, salary increases, benefits, termination and all other terms and conditions of employment) based on race, color, sex, sexual orientation, gender, gender identity, gender expression, genetic information, pregnancy, religious creed, national origin, ancestry, age, physical/mental disability, medical condition, marital/domestic partner status, military and veteran status, height, weight or any other such characteristic protected by federal, state or local law. The Company is committed to complying with all applicable laws and providing equal employment opportunities. This commitment applies to all persons involved in the operations of the Company regardless of where the employee is located and prohibits unlawful discrimination by any employee of the Company.
Cobalt is an E-Verify employer. E-Verify is an Internet-based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA). It allows participating employers to electronically verify the employment eligibility of their newly hired employees in the United States.
About the job
Apply for this position
Associate Security Researcher
The Role
At Cobalt, we are evolving the way we approach security research. We are looking for an Associate Security Researcher who doesn't just want to 'break things,' but who wants to understand the why and how behind the defense.
This is a unique 'Purple Team' role. We are looking for a candidate with a strong foundational background in Systems Administration who wants to transition into security research. You will be the bridge between red and blue—using your knowledge of how systems are built to help us identify how they are compromised and, more importantly, how to protect them.
What You’ll Do
As an Associate on this team, you will be the backbone of our research operations. You will handle the foundational 'grunt work' that powers our high-level research while being mentored to become a full-scale Security Researcher.
Foundation & Infrastructure: Leverage your sysadmin background to set up research environments, manage lab infrastructure, and ensure our tooling is stable.
Purple Team Collaboration: Assist in simulating threats (Red) while documenting detection gaps and defensive improvements (Blue).
Research Support: Perform data collection, log analysis, and initial vulnerability triaging to support Senior Researchers.
Documentation: Maintain high-quality documentation of research findings, scripts, and internal wikis.
Continuous Learning: Engage in a structured growth path to evolve from foundational sysadmin/support tasks into deep offensive security research.
Perform technical authorship and quality control for the TPM organization by reviewing penetration testing findings and final reports to ensure accuracy and actionable remediation guidance.
Who You Are
We aren't looking for a 'hardcore pentester' who only cares about the exploit. We want a curious, methodical problem-solver who understands how a network breathes.
Required Qualifications:
The Sysadmin Spirit: You have a background in systems administration or IT operations. You understand servers, networking, permissions, and logs because you’ve managed them.
Security Mindset: You have a strong grasp of security fundamentals and likely hold certifications such as Security+, CySA+, GSEC, or are working toward an OSCP.
Pentesting Awareness: You understand the methodology of a penetration test (recon, scanning, exploitation), even if you haven't been a full-time pentester yet.
US-Based: For logistical and compliance reasons, this role is strictly limited to candidates residing in the United States.
Time Zone Alignment: Preference will be given to candidates in EST or CST to align with our team’s morning-heavy meeting schedule.
Bonus Points if:
You have experience with automation (Python, Bash, or PowerShell).
You have an interest in cloud security (AWS/GCP/Azure).
You enjoy 'tinkering' in a home lab environment.
Why You Should Join Us
Grow in a passionate, rapidly expanding industry operating at the forefront of the Pentesting industry
Work directly with experienced senior leaders with ongoing mentorship opportunities
Earn competitive compensation and an attractive equity plan
Save for the future with a 401(k) program (US) or pension (EU)
Benefit from medical, dental, vision and life insurance (US) or statutory healthcare (EU)
Leverage stipends for:
Wellness
Work-from-home equipment & wifi
Learning & development
Make the most of our flexible, generous paid time off, and paid parental leave
Pay Range Disclosure
Cobalt is committed to fair and equitable compensation practices. The salary range for this role is ($55k - 85k ) per year + equity + benefits. A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, and certifications. The salary range may differ in other states and may be impacted by proximity to major metropolitan cities.
Cobalt (the 'Company') is an equal opportunity employer, and we want the best available persons for every job. The Company makes employment decisions only based on merit. It is the Company's policy to prohibit discrimination in any employment opportunity (including but not limited to recruitment, employment, promotion, salary increases, benefits, termination and all other terms and conditions of employment) based on race, color, sex, sexual orientation, gender, gender identity, gender expression, genetic information, pregnancy, religious creed, national origin, ancestry, age, physical/mental disability, medical condition, marital/domestic partner status, military and veteran status, height, weight or any other such characteristic protected by federal, state or local law. The Company is committed to complying with all applicable laws and providing equal employment opportunities. This commitment applies to all persons involved in the operations of the Company regardless of where the employee is located and prohibits unlawful discrimination by any employee of the Company.
Cobalt is an E-Verify employer. E-Verify is an Internet-based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA). It allows participating employers to electronically verify the employment eligibility of their newly hired employees in the United States.