Ethical Hacker / Pentester
Kraków, Lesser Poland Voivodeship, Poland
RUBLON sp. z o.o.
7. 9. 2025
Job information

Optional technologies:

  • Ghidra

About the project:

  • Rublon’s research & development activities on Multi-Factor Authentication security will enable us to develop new solutions for passwordless multi-factor authentication. Your responsibilities will include conducting in-depth threat-modelling and cryptographic analysis of Rublon’s authentication flows, prototyping and validating next-generation passwordless methods such as WebAuthn/FIDO2 passkeys, and continuously monitoring emerging attack vectors to keep our MFA stack one step ahead of attackers. Working hand-in-hand with product and engineering teams, you’ll translate research insights into production-ready features and publish security findings that reinforce Rublon’s position as a trusted leader in enterprise identity protection.

Responsibilities:

  • Research next-generation MFA technologies: Investigate Windows / Windows Server, Active Directory (on-prem & Azure AD), and emerging passwordless standards such as WebAuthn / FIDO2 passkeys, identifying secure integration paths and potential attack surfaces.
  • Deep-dive into authentication protocols: Analyze Kerberos, NTLM, OAuth 2.0, and SAML flows to uncover weaknesses, propose hardening strategies, and validate cryptographic soundness.
  • Explore hardware-backed security options: Prototype the use of TPM 2.0, security keys (U2F / FIDO2), biometrics, and Bluetooth LE proximity for frictionless, phishing-resistant login experiences.
  • Document and communicate findings: Produce clear, risk-ranked reports with reproduction steps, proof-of-concepts, and actionable remediation guidance tailored for product engineering and customer success teams.
  • Track emerging threats and bypass techniques: Create internal advisories and threat-model updates that inform roadmap and defensive controls.
  • Support incident simulation and response: Lead red-team scenarios and post-test debriefs, helping stakeholders understand impact and prioritize fixes.

Expected requirements:

  • Foundational penetration-testing experience on Microsoft platforms – you’ve performed security assessments of Windows 10/11 or Windows Server environments and can use common tools (e.g., Nmap, Responder, BloodHound) to spot basic misconfigurations.
  • Good understanding of authentication concepts – you know how MFA, Kerberos, and NTLM work at a high level and can explain typical attack paths such as pass-the-hash or credential relays.
  • Working knowledge of Active Directory security – you can review group-policy and privilege assignments, map trust relationships, and identify exposures that weaken MFA deployments.
  • Familiarity with modern MFA standards – you’ve read specifications or lab-tested solutions that use WebAuthn / FIDO2 passkeys, smartcards, or one-time codes, and understand their basic threat models.
  • Comfort with scripting and PoC creation – you can write small PowerShell or Python snippets to automate reconnaissance, parsing logs, or demonstrating a finding.
  • Clear written and verbal communication – you translate technical findings into concise, well-structured reports and enjoy explaining risk and remediation steps to engineers and non-technical stakeholders.
  • Continuous learner mindset – you track new CVEs, read security blogs, and are eager to dig into fresh attack techniques or defensive best practices.
  • Team-oriented approach – you collaborate well in remote, cross-functional groups, ask questions when stuck, and give constructive feedback during peer reviews and debriefs.

What we offer:

  • Location – Remote or from our offices in Kraków or Zielona Góra in Poland
  • Assessment Targets & Tooling – Windows 10/11, Windows Server, Active Directory & Entra ID (Azure AD), Kerberos, NTLM, WebAuthn / FIDO2 passkeys, Linux servers; offensive-security toolset including BloodHound, Mimikatz, Impacket, Metasploit, Responder, Nmap, and custom PowerShell/Python scripts.
  • Team – work closely with security researchers/analysts and a project manager who coordinate priorities and share findings in weekly threat-hunting syncs.
  • Language – communicate in Polish or English, whichever is most comfortable for you and your teammates.
  • Hardware & Lab Access – modern laptop plus isolated virtual test environments and security keys (TPM-enabled devices, FIDO2 keys) for hands-on research.
  • Self-development – company-funded online courses and certification vouchers to keep your offensive-security skills sharp.
  • Employee Benefits – private medical care package, MultiSport card, and flexible working hours to support a healthy work–life balance.

Benefits:

  • private medical care
  • sharing the costs of professional training & courses
  • remote work opportunities
  • flexible working time
  • integration events
  • no dress code
  • coffee / tea
