Security Research Engineer

Founded in 2017, Obsidian Security was created to close a critical gap: securing the SaaS applications where modern business happens—platforms like Microsoft 365, Salesforce, and hundreds more.

Backed by top investors including Greylock, Norwest Venture Partners, and IVP, we’ve built a complete SaaS security platform to reduce risk, detect and respond to threats, and prevent breaches at the source. Our team includes leaders who helped define the categories of endpoint and identity security at CrowdStrike, Okta, Cylance, and Carbon Black.

Now, we’re transforming how SaaS is secured—in the era of agentic AI.

Today, Obsidian is trusted by global enterprises like Snowflake, T-Mobile, and Pure Storage. We protect more than 200 organizations across North America, Europe, the Middle East, Southeast Asia, Australia, and New Zealand—including many of the world’s largest Fortune 1000 and Global 2000 companies.

With strong global momentum, a growing partner ecosystem including SentinelOne, Databricks, and Google Cloud, and a major fundraise on the horizon, we’re scaling quickly toward long-term growth and IPO readiness. Join us as we define the future of SaaS security!

About The Role

At Obsidian, we relentlessly pursue clarity in a landscape defined by complexity. We’re looking for Security Research Engineers who thrive at the intersection of security research and product engineering. You’ll dig deep into SaaS platforms, craft high-impact product features, and help shape the defensive strategies that protect our customers at scale.

This role is for someone who loves gaining a deep understanding of complex systems, who enjoys thinking like an attacker, and who wants to create category-leading security solutions for Obsidian's customers.

What You’ll Do

• Gain an in-depth understanding of major SaaS or AI platforms to identify critical security insights.
• Explore and prototype solutions to integrate data across SaaS and AI platforms to identify toxic combinations of risks that can lead to high blast-radius compromises.
• Identify and respond to new attacker techniques against SaaS and AI platforms to build novel approaches to detect or mitigate future attacks.
• Leverage AI to turbo-charge research into SaaS and AI platform security.

Minimum Qualifications / What We’re Looking For

• 5-7 years of experience in the cybersecurity industry with either a research or data focus.
• Experience with data pipelines (dbt, dagster, clickhouse).
• Proficiency in Python/Go and SQL.
• Experience with log processing and anomaly detection.
• Fluency in using AI agents to assist in building prototype solutions.
• Ability to analyze logs and signals from IdPs, cloud, or SaaS apps.

Preferred Qualifications

• Experience with core SaaS platforms such as Google Workspace, Microsoft Office 365, Salesforce, or Workday in a security context.
• Strong understanding of identity systems (Okta, Azure AD/Entra, Google Workspace, etc.) and authentication flows.

Why Join Us

• Protect some of the world's largest organizations.
• Become an expert in SaaS security by learning from the industry’s leader.
• Have a direct impact immediately, and experience Silicon Valley pace from the UK.

#J-18808-Ljbffr