Join Rublon to work with a team of cybersecurity enthusiasts who are building the future of enterprise user authentication. Rublon is a multi-factor authentication platform used by hundreds of customers across the globe to protect employee logins to networks, servers and applications.
We are looking for a long-term employee who will support us in the following area:
R&D on Multi-Factor Authentication Security
Rublon’s research & development activities on Multi-Factor Authentication security will enable us to develop new solutions for passwordless multi-factor authentication. Your responsibilities will include conducting in-depth threat-modelling and cryptographic analysis of Rublon’s authentication flows, prototyping and validating next-generation passwordless methods such as WebAuthn/FIDO2 passkeys, and continuously monitoring emerging attack vectors to keep our MFA stack one step ahead of attackers. Working hand-in-hand with product and engineering teams, you’ll translate research insights into production-ready features and publish security findings that reinforce Rublon’s position as a trusted leader in enterprise identity protection.
How You’ll Work
- Location – Remote or from our offices in Kraków or Zielona Góra in Poland
- Assessment Targets & Tooling – Windows 10/11, Windows Server, Active Directory & Entra ID (Azure AD), Kerberos, NTLM, WebAuthn / FIDO2 passkeys, Linux servers; offensive-security toolset including BloodHound, Mimikatz, Impacket, Metasploit, Responder, Nmap, and custom PowerShell/Python scripts.
- Team – work closely with security researchers/analysts and a project manager who coordinate priorities and share findings in weekly threat-hunting syncs.
- Language – communicate in Polish or English, whichever is most comfortable for you and your teammates.
- Hardware & Lab Access – modern laptop plus isolated virtual test environments and security keys (TPM-enabled devices, FIDO2 keys) for hands-on research.
- Self-development – company-funded online courses and certification vouchers to keep your offensive-security skills sharp.
- Employee Benefits – private medical care package, MultiSport card, and flexible working hours to support a healthy work–life balance.
What You’ll Do
- Research next-generation MFA technologies: Investigate Windows / Windows Server, on-prem Active Directory and Entra ID (formerly Azure AD), and emerging passwordless standards such as WebAuthn / FIDO2 passkeys, identifying secure integration paths and potential attack surfaces.
- Deep-dive into authentication protocols: Analyze Kerberos, NTLM, OAuth 2.0, and SAML flows to uncover weaknesses, propose hardening strategies, and validate cryptographic soundness.
- Explore hardware-backed security options: Prototype the use of TPM 2.0 and security keys (U2F / FIDO2) for phishing-resistant login, combined with biometrics and Bluetooth LE proximity for low-friction user verification and device presence.
- Document and communicate findings: Produce clear, risk-ranked reports with reproduction steps, proof-of-concepts, and actionable remediation guidance tailored for product engineering and customer success teams.
- Track emerging threats and bypass techniques: Create internal advisories and threat-model updates that inform roadmap and defensive controls.
- Support incident simulation and response: Lead red-team scenarios and post-test debriefs, helping stakeholders understand impact and prioritize fixes.
Skills You Have
- Foundational penetration-testing experience on Microsoft platforms – you’ve performed security assessments of Windows 10/11 or Windows Server environments and can use common tools (e.g., Nmap, Responder, BloodHound) to spot basic misconfigurations.
- Good understanding of authentication concepts – you know how MFA, Kerberos, and NTLM work at a high level and can explain typical attack paths such as pass-the-hash or NTLM relay.
- Working knowledge of Active Directory security – you can review group-policy and privilege assignments, map trust relationships, and identify exposures that weaken MFA deployments.
- Familiarity with modern MFA standards – you’ve read specifications or lab-tested solutions that use WebAuthn / FIDO2 passkeys, smartcards, or one-time codes, and understand their basic threat models.
- Comfort with scripting and PoC creation – you can write small PowerShell or Python snippets to automate reconnaissance, parse logs, or demonstrate a finding.
- Clear written and verbal communication – you translate technical findings into concise, well-structured reports and enjoy explaining risk and remediation steps to engineers and non-technical stakeholders.
- Continuous learner mindset – you track new CVEs, read security blogs, and are eager to dig into fresh attack techniques or defensive best practices.
- Team-oriented approach – you collaborate well in remote, cross-functional groups, ask questions when stuck, and give constructive feedback during peer reviews and debriefs.
Nice To Haves
- Hands-on experience testing or administering Azure AD / Entra ID environments.
- Practical exposure to hardware-backed factors (TPM, YubiKey, or Bluetooth LE proximity) in authentication flows.
- Familiarity with adversary-behaviour frameworks (e.g., MITRE ATT&CK) and basic threat-modeling methodologies.
- Industry certifications such as CompTIA Security+, eJPT, OSCP, or CRTP, as proof of commitment to offensive-security skills.
- Previous participation in security communities (CTFs, local meet-ups, or published blog posts/papers).
Why Apply
- Work on mission-critical security challenges – your findings will directly shape Rublon’s next-generation MFA products and protect millions of users from account takeover.
- Learn from and with high-performing peers – collaborate daily with experienced penetration testers, cryptographers, and software engineers who enjoy sharing knowledge and sharpening each other’s skills.
- Impact without bureaucracy – small, expert teams ship improvements quickly; your recommendations move from report to remediation in weeks, not quarters.
Steps After You Apply
- You’ll be invited to an online meeting with our recruiter
- Afterwards, we’ll ask you to do a small assignment, which will then be discussed with one of our technical leads
- If everything goes well, we will make you an offer and invite you to a final interview