This role provides a unique opportunity to join a team with strategic importance to protecting our customers from emerging threats and novel attack methodologies in both cloud and Linux based environments. You will stay ahead of the curve with regards to the threat landscape and your research will directly impact the direction of the team and our product.
You will also get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of cloud detection capabilities ensuring that our customers can be secured with the most advanced security measures in place.
What You'll Do:
Initiate and conduct Cloud Research Initiatives: follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.
Conduct cutting edge research in the areas of Linux security (low level and high level operating system research) and become an authoritative source of knowledge in the team
Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads
Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats. Focus on predictive analytics and proactive threat hunting methodologies.
Collaborate with cross functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the falcon platform
Provide cloud security thought leadership: Share insights and best practices with the broader security community through publications, conference presentations, and technical blogs.
Proven expertise in security research, methodologies, technologies, and tools.
Minimum of 5 years in security research, preferably Cloud infrastructure and Linux
Experience with cloud-native services, infrastructure, and environments
Experience with threat research and misconfiguration identification
Comprehensive knowledge of cloud platforms (AWS, Azure, GCP) and their security features.
Python, golang, and shell scripting experience
Experience with large scale data analysis
Comprehensive knowledge of Kubernetes, docker, podman, and similar containerization and orchestration technologies
Familiarity with cloud automation and orchestration tools for optimizing security processes.
Experience in publishing security research papers and conference talks
Experience in malware analysis and reverse engineering – experience with Linux malware and ELF reverse engineering is a plus
Excellent conceptual thinking and communication skills, capable of conveying complex ideas effectively.
Technical knowledge of network, operating systems (mainly Linux) and data platform security
Good problem solving, communication, and teamwork skills
