- Own and evolve the company’s security and privacy strategy.
- Scale and mentor the Security team, developing great security team members as the company grows.
- Build and mature the company’s security framework, balancing pragmatism and rigor across system security, application security, infrastructure security, and device security.
- Lead security operations and incident response, ensuring the company can rapidly detect, respond to, and recover from threats.
- Oversee compliance programs (e.g., SOC 2, GDPR, CPRA) and maintain a continuous improvement mindset beyond checkbox compliance.
- Partner with Engineering and Product to embed security into the SDLC, CI/CD pipelines, and IoT device lifecycle.
- Establish and maintain relationships with key stakeholders, such as executive leadership, providing actionable metrics and insights into security posture, risk trends, and emerging threats.
- Oversee vendor risk management and ensure robust controls across third-party services and integrations.
- Conduct regular security awareness training and education programs for employees.
- Evaluate and select security technologies and tools to enhance the organization's security posture.
- Build a strong security culture, from awareness and education to clear policies and positive engagement across all teams.
- Optimize the security budget and make pragmatic tradeoffs that balance protection, velocity, and business impact.
Requirements
- 10+ years of progressive experience in information security, including 3+ in a leadership role at a SaaS or technology company.
- Experience securing cloud-native systems (AWS/GCP) and managing organizational security at a remote-first company.
- Deep understanding of security frameworks and standards (e.g., NIST CSF, CIS, ISO 27001, SOC 2, OWASP).
- Strong background in incident response, threat modeling, and risk management.
- Proven ability to partner with product and engineering teams to design secure, scalable architectures.
- Experience building and mentoring high-performing security teams.
- Excellent communication skills enabling you to distill complex security topics for executives, engineers, and customers alike.
- A balanced, business-first mindset: you make practical, risk-informed decisions rather than striving for theoretical perfection.
- Certifications such as CISSP, CISM, or CRISC (preferred but not required).
Benefits
- Comprehensive Medical (ButterflyMX covers 90% of the cost), Dental, and Vision plans (ButterflyMX covers 100% of the cost) starting day 1
- 401(k) plan with a match
- 13 paid holidays and 25 days PTO
- Paid Family Leave
- Employee Assistance Program
- Quarterly self-care stipends
- HealthAdvocacy Program
- Access to optional benefits including pre-tax flexible healthcare spending accounts (FSA and HSA), Dependent Care FSA, and Commuter Benefits, as well as optional Supplemental Life, AD&D, Hospital Indemnity, Disability, Legal, Accident, Critical Illness, Pet, and Personal Liability Insurance
- Collaborative, dynamic work environment filled with kind, smart people, who are working hard on an industry-defining product