we are looking for a Cloud Security Researcher.
As a Cloud Security Researcher, you will explore and exploit cloud-native attack surfaces, uncovering new vulnerabilities and researching misconfigurations across AWS, Azure, GCP, and container ecosystems. Youll work on offensive cloud security projects that blend creativity, technical depth, and innovation, contributing to cutting-edge tools and methodologies.
Roles and Responsibilities:
Research and develop novel attack techniques targeting cloud environments and infrastructure.
Analyze and exploit vulnerabilities across multi-cloud platforms (AWS, Azure, GCP).
Identify and document security flaws in cloud configurations, networking, and identity systems.
Perform hands-on testing in containerized and Kubernetes-based systems.
Collaborate with engineering and product teams to translate research into security features and best practices.
Develop PoCs, tools, and scripts to automate vulnerability discovery.
Contribute to the wider security research community through responsible disclosure and technical publications.
Stay ahead of emerging cloud threats, security trends, and adversarial TTPs (MITRE ATT&CK, OWASP Cloud-Native Top 10).
As a Cloud Security Researcher, you will explore and exploit cloud-native attack surfaces, uncovering new vulnerabilities and researching misconfigurations across AWS, Azure, GCP, and container ecosystems. Youll work on offensive cloud security projects that blend creativity, technical depth, and innovation, contributing to cutting-edge tools and methodologies.
Roles and Responsibilities:
Research and develop novel attack techniques targeting cloud environments and infrastructure.
Analyze and exploit vulnerabilities across multi-cloud platforms (AWS, Azure, GCP).
Identify and document security flaws in cloud configurations, networking, and identity systems.
Perform hands-on testing in containerized and Kubernetes-based systems.
Collaborate with engineering and product teams to translate research into security features and best practices.
Develop PoCs, tools, and scripts to automate vulnerability discovery.
Contribute to the wider security research community through responsible disclosure and technical publications.
Stay ahead of emerging cloud threats, security trends, and adversarial TTPs (MITRE ATT&CK, OWASP Cloud-Native Top 10).
Requirements:
In-depth understanding of cloud services (AWS, Azure, GCP) and their security models.
Practical experience in attacking or defending cloud environments.
Experience with Kubernetes, containerized workloads, and CI/CD environments.
Strong scripting/programming skills (Python, Go, or similar).
Analytical mindset and hands-on experience identifying and exploiting real-world vulnerabilities.
Preferred Skills:
Research background in cloud or infrastructure security.
Knowledge of IaC (Terraform, CloudFormation) and its security implications.
Familiarity with cloud-native security tooling and monitoring systems.
Contributions to open-source security projects or research publications.
In-depth understanding of cloud services (AWS, Azure, GCP) and their security models.
Practical experience in attacking or defending cloud environments.
Experience with Kubernetes, containerized workloads, and CI/CD environments.
Strong scripting/programming skills (Python, Go, or similar).
Analytical mindset and hands-on experience identifying and exploiting real-world vulnerabilities.
Preferred Skills:
Research background in cloud or infrastructure security.
Knowledge of IaC (Terraform, CloudFormation) and its security implications.
Familiarity with cloud-native security tooling and monitoring systems.
Contributions to open-source security projects or research publications.
This position is open to all candidates.
