Security Researcher jobs at Orca Security in Israel, Tel-aviv

Highlights:

• High-growth: Over the past six years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud, so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

• Collaborate with engineers, product managers, and subject matter experts to document new features, updates, and cutting-edge technologies
• Design, develop, and maintain knowledge base articles that make complex topics easy to understand for our users
• Ensure that our documentation is clear, concise, and accurate, providing comprehensive resources for both technical and non-technical audiences
• Proactively update and improve existing documentation based on feedback, product changes, and industry trends
• Take ownership of documentation projects from start to finish, contributing to the continuous improvement of our documentation processes

• 3-5 years of experience in a technical writing or product documentation role, ideally in SaaS, cloud security, or a related field
• Outstanding writing and editing skills, with the ability to make complex topics accessible and engaging
• Strong collaboration and communication skills, with experience working with cross-functional teams (engineering, product, marketing, etc.)
• Self-motivated, independent, and driven to take ownership of projects while managing multiple tasks simultaneously
• Familiarity with cloud technologies, SaaS products, or cybersecurity is a big advantage
• Experience mentoring others or contributing to documentation planning and coordination is an advantage
• Experience with API documentation – an advantage
• A proactive attitude, always looking for ways to improve processes and content quality

• Be part of a well-funded, high-growth cloud security company with a stellar reputation
• Work in a hybrid environment, based in Tel Aviv, that supports flexibility and collaboration
• Join a young, energetic team that encourages innovation and creativity
• Opportunity to work on leading-edge products that shape the future of cloud security

• High-growth: Over the past six years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud, so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

• Develop code to model and add required data across multiple cloud providers (AWS, Azure, GCP, Alibaba Cloud, OCI and more)
• Develop alerts and detections for identification of vulnerable cloud systems and misconfigurations
• Generate and add new cloud security compliance frameworks to keep our compliance solution up-to-date
• Leverage AI agents to automate workflows, enhance detection accuracy, and optimize development efficiency
• Assist in improving our current alerting system by fixing false positive and false negative alerts
• Work in an agile environment, working in sprints with your team to deliver high-quality outcomes

• BSc in Computer Science or a related technical field
1–2 years of proven industry experience in Python development – Must.
• Knowledge in networking – OSI model, networking protocols, firewalls
• Familiarity with cloud architecture, services, and basic concepts
• Familiarity with SQL databases
• Comprehension of cybersecurity fundamentals and security best practices
• High level of development and analytical skills
• Self-starter, fast learner, team player, with a can-do attitude
• Great communication and collaboration skills

• Experience in developing with AI-powered tools and agents, such as GitHub Copilot or Cursor

Highlights:

• High-growth: Over the past six years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud—so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

As a Cloud Security Detection Analyst at Orca Security, you’ll play a pivotal role in shaping and scaling our detection capabilities across the full Orca product suite – from Code Security, Data Security, and Compliance to Vulnerability Management and Malware analysis. You will translate real-world incidents and emerging threat intelligence into high-fidelity detection rules, ensuring our platform continuously adapts to the evolving security landscape. Working at the heart of our engineering, research, and operations teams, you’ll drive initiatives that give customers immediate visibility into risk and compliance postures across their entire cloud estate.
Your work will directly empower our customers to stay ahead of vulnerabilities, misconfigurations, and malicious activity – making you a key defender in our mission to deliver the next generation of cloud-native security intelligence.

• Develop and maintain detections across Orca’s security products – Code Security, Data Security, Vulnerability Management, Malware, and more.
• Track major security incidents, develop new detections in response, and enrich our platform with timely security insights.
• Design, implement, and automate OS compliance benchmarks.
• Build alerts for misconfigurations in cloud services and Windows/Linux environments.
• Map and analyze cloud assets, relationships, and configurations to drive detection coverage.
• Investigate possible malicious files within customer environments.
• Write scripts and tools to automate and validate security workflows.
• Partner closely with field teams, researchers, and product managers – managing requests, sharing findings, and keeping everyone aligned.

• BSc with expertise in cybersecurity, or equivalent cybersecurity/detection experience.
• Strong Python and Bash scripting skills- Must.
• Good understanding of networking (OSI model).
• Proven ability to conduct deep investigations, document findings, and propose solutions.
• Excellent spoken and written English.
• Fast learner, self-starter, team player with a “can-do” attitude.

• Solid grasp of Windows and Linux internals.
• Hands-on experience with cloud architectures (AWS, Azure, GCP, OCI, Ali Cloud, Tencent Cloud).
• Basic static malware analysis knowledge.
• Familiarity with AI tools and frameworks (e.g. MCP, AI-driven automations)

• Track & Address Emerging Threats: Stay on top of the latest security risks and vulnerabilities in web applications, APIs, and cloud assets. Work with product and engineering teams to ensure our platform detects and mitigates these evolving threats . This includes continuously monitoring the AppSec threat landscape (CVEs, OWASP Top 10, etc.) and with our detection team – updating our product to address new risks in code and cloud environments.
• Security Research & Content Development: Conduct deep research on new vulnerabilities and attack techniques in the AppSec domain. Design and implement detection logic, rules, and signatures to catch these issues: from code flaws and secret exposures to API vulnerabilities. Your research will drive new product capabilities for code security and API security modules.
• Enhance Product Capabilities: Work closely with development and product managers to translate research findings into product features and improvements. You will help prioritize AppSec risks on the roadmap and guide the design of new scanning and detection capabilities that address critical vulnerabilities. This collaboration ensures our code scanning and API security offerings are always relevant and effective against real-world threats.
• Innovate with Tools & AI: Continuously experiment with new technologies and approaches to improve our research and detection workflows. This could mean prototyping new security scanning tools, leveraging automation and AI-driven techniques to uncover complex vulnerabilities, or integrating open-source projects to extend our capabilities. You have the freedom to think creatively and push the boundaries of how we find and mitigate application security risks.
• Thought Leadership & Knowledge Sharing: Serve as the AppSec subject-matter expert within Orca’s Research Pod. Share knowledge and best practices with internal teams, and contribute to the security community externally. You will publish research findings through technical blog posts, white-papers, and possibly present them at leading security conferences.

• 4+ years of research or analytical experience in cybersecurity, with a strong focus on application security
• Proficient in Python; Go experience is a plus
• Proficiency in SQL or similar query languages for analyzing large datasets and telemetry
• Analytical “attacker mindset” with excellent problem-solving and attention to detail
• Strong written and verbal communication, with experience publishing research or presenting at conferences
• Excellent problem-solving skills and attention to detail
• Ability to work both independently and as a team player
• Open-minded approach to thinking outside of the box

• Hands-on offensive security skills (web penetration testing, exploit development)
• Knowledge of cloud security technologies and tools in any or all major cloud providers (AWS, Azure, GCP)
• Contributions or familiarity to open-source security projects (KICS, OWASP, Semgrep)
• Familiarity with containerization and Kubernetes security
• AI/ML application in security research

Highlights

• High-growth: Over the past six years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud—so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

• Collaborate with engineers, product managers, and subject matter experts to document new features, updates, and cutting-edge technologies
• Design, develop, and maintain knowledge base articles that make complex topics easy to understand for our users
• Ensure that our documentation is clear, concise, and accurate, providing comprehensive resources for both technical and non-technical audiences
• Proactively update and improve existing documentation based on feedback, product changes, and industry trends
• Take ownership of documentation projects from start to finish, contributing to the continuous improvement of our documentation processes

• 5+ years of experience in a technical writing or product documentation role, ideally in SaaS, cloud security, or a related field
• Outstanding writing and editing skills, with the ability to make complex topics accessible and engaging
• Strong collaboration and communication skills, with experience working with cross-functional teams (engineering, product, marketing, etc.)
• Self-motivated, independent, and driven to take ownership of projects while managing multiple tasks simultaneously
• Familiarity with cloud technologies, SaaS products, or cybersecurity is a big advantage
• Experience mentoring others or contributing to documentation planning and coordination is an advantage
• Experience with API documentation – an advantage
• A proactive attitude, always looking for ways to improve processes and content quality

• Be part of a well-funded, high-growth cloud security company with a stellar reputation
• Work in a hybrid environment, based in Tel Aviv, that supports flexibility and collaboration
• Join a young, energetic team that encourages innovation and creativity
• Opportunity to work on leading-edge products that shape the future of cloud security

Highlights:

• High-growth: Over the past six years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud—so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

• Write clean, concise code that is stable, extensible, and unit-tested appropriately
• Lead technical designs and implement new features end to end
• Diagnose complex issues, evaluate, recommend and execute the best solution
• Implement new requirements within our Agile delivery methodology while following our established architectural principles
• Test software to ensure proper and efficient execution and adherence to business and technical requirements
• Write code that meets the production requirements and design specifications and anticipate potential errors/issue
• Provides input into the architecture and design of the product; collaborating with the team in solving problems the right way
• Develop expertise of AWS, Azure, and GCP products and technologies

Highlights

• High-growth: Over the past six years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud—so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

On a typical day you’ll:

• Develop and refine our runtime security sensor using eBPF technology for Linux and Kubernetes environments in the cloud
• Investigate and analyze complex security threats, applying your findings to improve product detection capabilities
• Collaborate with cross-functional international teams to integrate new features and enhance existing ones
• Conduct in-depth research on cloud security, focusing on major platforms like AWS, GCP, and Azure
• Design and implement sophisticated algorithms to advance our threat detection capabilities
• Contribute to the continuous improvement of our product’s detection accuracy and fidelity
• Stay updated on the latest security trends and attack techniques, incorporating this knowledge into our product development
• Speak at conferences and write blog posts about the latest security trends, and how our solution can mitigate them, establishing yourself as a thought leader in the security community

About you

• 4+ years of experience in cybersecurity, with a strong focus on cloud environments
• Knowledge/experience with eBPF technology and its applications in security contexts will be a huge plus
• Solid understanding of Linux systems and Kubernetes environments
• Excellent analytical skills with the ability to understand and dissect complex attacks
• Strong programming skills, particularly in languages commonly used for security tools and research – Python/Go
• Strong communication skills, particularly in English, to effectively collaborate with various teams and explain technical concepts
• Experience in threat detection and familiarity with major cloud platforms (AWS, GCP, Azure) – advantage
• Knowledge of reverse engineering techniques – advantage
• Background in vulnerability research or red team – advantage
• Experience with analyzing big sets of data with SQL/ Elastic – advantage
• Proactive learner, always eager to expand your knowledge in the rapidly evolving field of cloud security
• A customer-oriented mindset focused on delivering high-quality, impactful security solutions