Were looking for a Senior Security Researcher to drive high-impact research across cloud, runtime, and application environments, and translate it into product-grade detections. This is a hands-on role for someone who can lead investigations end-to-end: from understanding attacker tradecraft and vulnerabilities, through building reliable detection logic, to influencing product direction.
On a typical day youll :
Lead deep-dive research into real-world attacks, vulnerabilities, and emerging cloud and runtime techniques
Own complex investigations (DFIR, threat hunting, root-cause analysis) and convert learnings into durable detections
Design and implement advanced detection logic and analytics across cloud assets, containers, Kubernetes, and Linux runtime telemetry
Build prototypes and production-ready components that improve detection accuracy, fidelity, and coverage
Partner closely with engineering and product to shape roadmap priorities and guide implementation details
Develop research methodologies, testing frameworks, and validation processes for new detections
Mentor and level up other researchers and engineers through reviews, knowledge sharing, and technical guidance
Represent the team externally through publications, technical blogs, and conference talks
Requirements: 7+ years of experience in security research, detection engineering, incident response, or comparable hands-on security roles
Demonstrated expertise in at least two of the following areas (and working knowledge in the others):
Linux internals / operating systems fundamentals
Cloud security (AWS/Azure/GCP), including common attack paths and misconfiguration patterns
DFIR, threat hunting, and investigation workflows using telemetry and logs
Vulnerability research or vulnerability management at scale (triage, prioritization, exploitation understanding)
Application and API security fundamentals
Strong programming skills in Python (Go is a strong plus); ability to produce maintainable research code and production logic
Strong data skills: comfortable working with large telemetry datasets (SQL and log analytics platforms such as Elastic or similar)
Ability to reason about attacker behavior, build threat models, and validate detections with repeatable testing
Excellent written and verbal English communication, including the ability to explain nuanced technical tradeoffs to non-research audiences
Track record of driving cross-team execution and shipping impactful security capabilities
Nice to have:
Experience with Kubernetes and container runtime security
eBPF or low-level telemetry approaches, syscall or kernel-level visibility
Reverse engineering and malware analysis
Offensive security background (web, cloud, exploit development)
Contributions to open-source security projects or published research
Experience using automation or AI-assisted techniques to scale research and detection workflows
This position is open to all candidates.