דרושים » אבטחת מידע וסייבר » Senior Cloud Security Researcher

We are looking for a Cloud Security Researcher who will join our mission to revolutionize cyber defense through innovative research and cutting-edge technology. As part of our research work, you'll investigate cyberattacks targeting cloud and SaaS (Software as a Service) environments, enhancing expertise and contributing directly to the evolution of our CDR (Cloud Detection and Response) platform. Youll collaborate with cross-functional teams, bridging knowledge and aligning efforts across the organization.

What You'll Do
Lead groundbreaking research into cyberattacks targeting cloud platforms, SaaS applications, Kubernetes, and related technologies.
Develop innovative detection methods and forensic investigation techniques for attacks in cloud environments.
Conduct in-depth investigations into real-world cloud incidents, enriching our knowledge base and advancing our detection capabilities.
Contribute to the design and enhancement of cloud forensics capabilities to support CDR platform development.
Collaborate with the engineering team to identify and leverage new forensic data sources from cloud environments.

We are seeking a highly skilled and motivated Senior Security Researcher to join our dynamic team.
As a Senior Security Researcher, you will play a pivotal role in simulating real-world attack scenarios, identifying vulnerabilities, and contributing to the development of innovative security solutions. You will work alongside some of the best security experts in the industry, driving research initiatives and enhancing your knowledge of emerging threats and attack techniques.
Key Responsibilities:
Conduct in-depth research and analysis of n-day vulnerabilities to assess risk and potential impact.
Investigate attack vectors across various operating systems and cloud environments (IaaS/SaaS).
Define and document mitigation strategies for discovered attack techniques, collaborating with development teams for implementation.
Drive the integration of research findings into product features, ensuring enhanced security capabilities.
Stay abreast of the latest security trends, technologies, and best practices to maintain expertise in the field.
Collaborate with cross-functional teams to communicate and implement identified attacks, techniques, and solutions.
Contribute to public security research through blog posts and potentially present findings at industry conferences.

Ask a member of our team and theyll answer, Our people! We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When youre part of our team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Cloud Security was established through the acquisition of Ermetic, an innovative cloud-native application protection platform (CNAPP) company, and a leading provider of CIEM. This acquisition is a significant step in mission to shift organizations towards proactive security, offering market-leading contextual risk visibility, prioritization, and remediation across both on-premises and cloud infrastructures.
Your Opportunity:
Cloud Security is seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.
Furthermore, you will be in charge of fostering and spreading Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.
If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.
Your Role:
Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws
Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences
Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs
Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services

The Research team takes on the immense challenge of identifying and stopping malicious activity across vast streams of traffic. By crafting innovative solutions, we empower our products to make trillions of decisions every day with unparalleled precision. Our work directly impacts the safety of the internet and ensures that remains the best-in-class solution for our customers, standing strong against the ever-evolving tactics of attackers.
Were looking for a Senior Web Security Researcher to be part of a team of highly skilled professionals that include security researchers, data researchers, data scientists and software engineers who continuously hunt for threats, evaluate and develop new detection techniques, and share intel and attribution for cybercrime activity with the goal of protecting our customers while keeping the internet human.
What you'll do:
Play a lot with the web-browsers, trying to find differences in behavior between them.
Research and develop signal collection on both mobile and desktop, which enables detection and improve our protection
Find ways to detect automation, for example, tools like Selenium, Playwright or Puppeteer.
Understand customer specific requirements, deliver with impact and exceed customer expectations.
Discover adversary tactics, techniques, and procedures leveraged by bots.
Create and validate data insights to enhance detection excellence.
Share security research topics through blogs, research talks, knowledge base and external engagements including conference presentations, detailing your discoveries for internal and external sharing.
Find bad stuff on the internet, see if you can figure out how it is done, document it.
Red team, experiment, and develop new tactics for various kinds of fraud and to bypass our detection, no need to wait for an attack to be discovered and used by adversaries first.
Stay abreast of cyber security trends and events related to our mission.
Contribute high impact work that substantially benefits team level metrics and OKRs.
Develop techniques, tools and scripts to simplify yours and others work.

We are looking for a Cyber Security Researcher to drive innovation in security defenses for on-premises and cloud environments. Your primary focus will be twofold:
1. Researching and developing novel defensive mechanisms to detect and mitigate advanced threats.
2. Contributing to open-source security tools by developing new solutions and enhancing existing ones.If you have a passion for security research, a strong technical foundation, and a drive to make meaningful contributions to the cybersecurity community, wed love to hear from you.
Responsibilities:
Research and prototype novel security defense techniques for on-prem and cloud-based systems
Analyze modern attack techniques and develop countermeasures to mitigate them.
Design, develop, and improve open-source security tools to help defenders detect and respond to threats.
Reverse engineer malware, attack tools, and security mechanisms to identify vulnerabilities and improvements.
Investigate Windows internals and authentication protocols (NTLM, Kerberos, SAML, OAuth) to enhance security defenses.Write secure, efficient, and maintainable C/C++ code for research and tooling purposes.
Collaborate with the security research community and contribute to blogs, whitepapers, and conference talks.
Stay ahead of the evolving threat landscape and propose innovative security solutions.

We are seeking a Senior Vulnerability Researcher. In this role, you will research various cloud assets, roles, relations, and configurations to uncover 0-day vulnerabilities in major cloud providers and technologies. You will lead innovation, solve complex problems, and develop strategies for both attacking and defending cloud environments.

Furthermore, you will be in charge of fostering and spreading Tenable Cloud Securitys technical expertise. You will present your novel work at conferences and author papers and blogs. You will also build open-source cloud security tools and solutions.

If youre a curious, creative, technical person with an attackers mindset, strong systemic thinking, and a passion for taking things apart and understanding how they work, we encourage you to apply.

Your Role:

Investigate and analyze the multi-cloud stack to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

Follow emerging security threats, author blogs about novel research, publish content, and speak at conferences.

Conduct technical research on cloud platforms to yield new insights, theories, analyses, TTPs.

Serve as a technical leader and contributor for a research team exploring emerging cloud technologies and services.

We are seeking an experienced Senior Security Researcher to join our Research department, focusing on low-code/no-code platforms, AI copilots, and generative AI technologies. This role offers a unique opportunity to lead cutting-edge security research and help shape the future of application security in these rapidly evolving fields.

Responsibilities

Conduct thorough research to identify security weaknesses and vulnerabilities within low-code/no-code platforms, AI copilots, and Gen AI technologies.
Perform in-depth analysis of web and API security, identifying potential threats and developing mitigation strategies.
Work closely with cross-functional teams to address security concerns throughout the development lifecycle, particularly in AI and low-code/no-code environments.
Stay up-to-date with the latest industry trends, security threats, and advancements in low-code/no-code and AI technologies.
Develop proof-of-concept exploits, provide recommendations for remediation to affected vendors, and contribute to security detections in the platform.
Contribute to the development of security guidelines, best practices, and standards tailored for low-code/no-code platforms and AI security.
Collaborate with external security researchers and organizations to enhance the security posture of the low-code/no-code and AI landscape.
Conduct publishable research, sharing insights through blog posts, conference talks, and meet-ups to advance the broader security community.

We're seeking a Research Developer (Python) who thrives in a security-focused research environment. As a member of our Research team, you'll collaborate closely with researchers and engineers to enhance our detection, investigation, and response capabilities, directly influencing our Cloud Detection and Response (CDR) platform.

What You'll Do
Develop Python-based tools, scripts, and frameworks supporting security research and investigations.
Collaborate with security researchers to translate research findings into practical detection and response mechanisms.
Contribute directly to the development and enhancement of our cloud forensic analysis capabilities.
Integrate innovative detection methods into our CDR platform, enabling advanced investigation workflows.
Optimize data querying and handling processes to support large-scale security research activities.

We're looking for a hands-on Security Operations Engineer based in Israel to strengthen our detection and response capabilities. In this role, you will be the frontline defender of our cloud infrastructure, leading incident management and response efforts while continuously improving our security posture. You will report directly to our Security leadership team and play a critical role in safeguarding our customers' most sensitive data.

What You'll Do

Lead Incident Response: Serve as primary responder to security alerts, perform initial triage, conduct thorough investigations, and coordinate remediation efforts
Enhance Detection Capabilities: Design, implement, and fine-tune detection rules and alerts across our cloud environment to identify potential security threats
Manage Security Monitoring: Maintain and optimize our SIEM/SOAR platforms to ensure comprehensive visibility into our security posture
Drive Threat Hunting: Proactively search for indicators of compromise and potential security gaps within our cloud infrastructure
Automate SecOps Workflows: Develop and implement automation to improve identification and response times for security events
Improve Cloud Security Monitoring: Develop and run tools to gather security telemetry data from cloud production systems
Conduct Investigations: Perform forensic analysis of security incidents, document findings, and communicate effectively to stakeholders
Enhance Response Protocols: Continuously refine incident response procedures and runbooks to ensure swift and effective handling of security events

This is a unique opportunity to join an exciting early-stage startup experiencing hyper-growth, with the company more than doubling in size and revenue year over year. on a mission to help organizations deliver safe code faster to accelerate their businesses. Trusted by security teams worldwide, we have a proven track record of success and a culture that values world-class talent.

Application Security as a category is also being redefined, and is at the forefront of this transformation. As the only complete approach to Application Security Posture Management (ASPM), is resetting the standards for AppSec and trailblazing this hot new category in the market.

Were looking for a driven, entrepreneurial senior Security Researcher to join CTO team.
As a researcher and an engineer in the CTO team, you will identify and evaluate ideas for new offerings, conduct product and technical research, run experiments and validate market fit while working closely with the product, engineering and strategy teams, as well as our customers.
You will join a dynamic and fast-paced team and be a central player in the companys product design, development, marketing, and sales efforts.

You will be part of:
Evaluating Product Ideas:
Evaluating and developing ideas for new products and capabilities, sourced from across the company and customers.
Working with users, partners, colleagues and experts to consider needs, technology, trends, competition and company strategy. Articulating the product hypothesis and constructing business cases.
Conducting Technological Research:
Analysing, researching and deep diving into technologies, tools and products, existing and emerging, in order to learn how they work and how they can be utilized to build novel solutions to user problems.
Building product prototypes and technology demonstrators in order to test hypotheses, demonstrate feasibility, gather feedback and find market fit.
Collaborating with R&D:
Partnering with product owners, engineers and function leaders from ideation to realization to ensure success and adoption of initiatives. Leading multi-disciplinary teams and joint task forces.
Articulating visions, opportunities and risks; evangelizing peers and management; Communicating progress to stakeholders and leadership.