דרושים » אבטחת מידע וסייבר » Application Security Researcher

our company Cloud Security is seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.
Furthermore, you will be in charge of fostering and spreading our company Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.
If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.
Your Role:
Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws
Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences
Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs
Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services.

our company Cloud Security is seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.
Furthermore, you will be in charge of fostering and spreading our company Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.
If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.
Your Role:
Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws
Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences
Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs
Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services.

our company Cloud Security is seeking a Senior Security Researcher - AI Security to join our highly technical product research team working at the core of our cloud security platform. This is a rare opportunity to define a new discipline. AI security is an emerging field with few established playbooks, and you will help write them. In this role, you will own the research direction for AI security across our company's platform, uncovering novel risks in AI-native systems and translating that knowledge into product capabilities and industry-leading research. You'll be surrounded by experienced researchers and engineers who live and breathe security, with the space and backing to do original work in a domain that is rapidly evolving.
We're looking for an exceptional security researcher who can navigate ambiguity, think like an attacker, and bring clarity to a space that lacks it. You're curious, technically deep, and energized by the challenge of defining risk in systems that are still being understood.
Your Role:
Be at the forefront of an emerging discipline. Conduct technical analysis of AI frameworks, services, and architectures to discover novel risks, vulnerabilities, and attack vectors before they become industry-wide problems .
Define AI security risk by analyzing how exposure is created and exploited in AI systems. Collaborate with engineering and product teams to translate AI research into product findings.
Evaluate the risk of pre-trained models, vector databases, and orchestration frameworks (e.g., LangChain, LlamaIndex) to define how shadow AI creates organizational exposure.
Author blogs, whitepapers, and technical advisories that set the industry narrative. Present original research at leading conferences and serve as our company's external voice on AI risk topics.
Analyze AI systems from an attacker's perspective to define trust boundaries, map attack techniques, and identify exploitable paths. Translate findings into product features and outbound research.
Investigate and analyze AI infrastructures and services to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

our company Cloud Security is seeking a Senior Security Researcher - AI Security to join our highly technical product research team working at the core of our cloud security platform. This is a rare opportunity to define a new discipline. AI security is an emerging field with few established playbooks, and you will help write them. In this role, you will own the research direction for AI security across our company's platform, uncovering novel risks in AI-native systems and translating that knowledge into product capabilities and industry-leading research. You'll be surrounded by experienced researchers and engineers who live and breathe security, with the space and backing to do original work in a domain that is rapidly evolving.
We're looking for an exceptional security researcher who can navigate ambiguity, think like an attacker, and bring clarity to a space that lacks it. You're curious, technically deep, and energized by the challenge of defining risk in systems that are still being understood.
Your Role:
Be at the forefront of an emerging discipline. Conduct technical analysis of AI frameworks, services, and architectures to discover novel risks, vulnerabilities, and attack vectors before they become industry-wide problems .
Define AI security risk by analyzing how exposure is created and exploited in AI systems. Collaborate with engineering and product teams to translate AI research into product findings.
Evaluate the risk of pre-trained models, vector databases, and orchestration frameworks (e.g., LangChain, LlamaIndex) to define how shadow AI creates organizational exposure.
Author blogs, whitepapers, and technical advisories that set the industry narrative. Present original research at leading conferences and serve as our company's external voice on AI risk topics.
Analyze AI systems from an attacker's perspective to define trust boundaries, map attack techniques, and identify exploitable paths. Translate findings into product features and outbound research.
Investigate and analyze AI infrastructures and services to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

The Team Our research team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating - challenging the way we, and the industry, think about cybersecurity. Our researchers dont shy away from building products to solve problems no one has pursued before. We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment. Job Summary If you are an innovator at heart and passionate about redefining how organizations secure modern environments end-to-end, we're looking for you. As a Manager of the Core Cloud Posture team, you will lead a new, high-impact team of security researchers. You'll innovate and build on top of our market-leading posture portfolio and be responsible for the "what's next." Your mission is to innovate on top of this foundation, build the intelligent "connective tissue" that provides unparalleled context, and architect the next-generation features that will keep us ahead of the market. Key Responsibilities Lead, and grow a team of talented security researchers focused on enhancing the cloud security posture of our customers Act as a technical mentor and force multiplier for junior security researchers. You will actively share your deep industry experience, guide their research methodologies, and foster a learning environment that accelerates their professional development from talented juniors into autonomous experts Champion the continuous evolution of our security logic. You will ensure our posture coverage keeps pace with the rapidly changing cloud landscape, systematically addressing gaps and refining our policies to address evolving threats Leverage our advanced cross-product engines to synthesize isolated findings into a cohesive, prioritized story of risk for the customer Stay ahead of the evolving cloud threat landscape, translating the latest research on cloud-native based attacks into resilient posture policies that effectively minimize the attack surface Foster collaboration across engineering, product management, and go-to-market teams to deliver impactful security solutions

We are on an expedition to find you, someone who is passionate about creating intuitive, out-of-this-world security research. You'll help us harness the power of our companys trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
The Responsibilities
Analyze various network devices, configurations and security products
Implement methods and algorithms to discover network topology, relationships between devices and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers network infrastructure, and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams.

We're looking for a hands-on Application Security leader with extensive experience building and scaling AppSec programs in high-growth software environments. Proven ability to balance strategy with execution, embed security into engineering workflows, and partner closely with R&D teams to deliver measurable risk reduction without slowing development.
What will you do?
Mature and scale our Application Security function across R&D, establishing clear ownership, processes, and engagement models with engineering teams
Embed application security into CI/CD pipelines and daily development workflows, enabling secure-by-default engineering practices
Hands on knowledge in pen testing and code review in multiple languages.
Lead the implementation, tuning, and ongoing optimization of AppSec tooling (Semgrep, Oligo, Escape DAST), and our company Bug bounty program, driving high signal-to-noise detection and actionable remediation
Define and maintain application security standards, policies, and secure development frameworks aligned with business and engineering needs
Conduct and Lead threat modeling sessions, architecture risk reviews, and secure design assessments for new and existing services
Partner closely with Engineering Managers, Tech Leads, and Architects to promote secure coding practices and pragmatic security decisions
Support our company research program company CTRL, with dedicated research activities and focus on new vulnerabilities discovery.
Establish and track meaningful AppSec KPIs (vulnerability trends, remediation SLAs, pipeline coverage, risk posture) and reported progress to stakeholders
Translate security initiatives into clear execution plans, ensuring adoption and measurable impact across teams
Mentor engineers and security champions, gradually expanding AppSec ownership and scaling the program with organizational growth.

we are looking for an experienced Security Researcher to join our growing research team. The team's responsibility is vulnerability research for both PR purposes and research for our companys product. In this role, you will focus on vulnerability research of open-source projects and reverse engineering of low-level binaries. The team also focuses on AI security and low-level product security research.
A key part of your work will include analyzing internal code and identifying security risks to improve our companys overall security posture and support our PR efforts.
What you will do
Vulnerability Discovery: Research and discover vulnerabilities across AI applications, low-level products, and cloud environments, including the development of functional Proof-of-Concepts (PoCs).
Public Research & PR: Publish technical blogs and present your research at major security conferences.
Technical Product Research: Produce in-depth technical research and conduct reverse engineering of security products to directly support the development of our companys product and platform.
Stay up to date with newly discovered CVEs, attack techniques, and threat trends
Cross-Functional Collaboration: Partner with product and engineering teams to help improve our companys security.

We are looking for a highly motivated and technically proficient Security Researcher to join our security research division.

Were looking for a top-notch Threat Detection Researcher to join our team and spread our power. In this role, you will further develop the Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.