Being the cybersecurity partner of choice, protecting our digital way of life.
Your Career
As a Senior Security Researcher on the Cortex Cloud research team, you’ll lead deep, hands-on security research across cloud and AI environments- from uncovering vulnerabilities and novel attack paths to building the protections that stop them.
Your impact doesn’t end with detections. This team is also responsible for driving product innovation: identifying gaps in how cloud environments are secured, finding new ways to close those gaps, and partnering with engineering, product and marketing to take those ideas from a POC to implementation. Whether it’s a new detection engine, risk signal, or protection method- your research directly shapes the product.
You'll research the AI attack surface in depth, and push the boundaries of what cloud and AI security can achieve. If you're looking for a role where research leads to real-world defense- and product innovation is part of your day job- this is the team.
Your Impact
- Research and uncover vulnerabilities and abuse paths in cloud services, with a strong focus on AI, identity, and data pipelines
- Collaborate with product and engineering to ship detections and logic based on your findings
- Research-driven impact - drive innovation from idea to execution: Identify emerging security gaps, build proof-of-concepts, and partner with engineering, product and marketing to translate research into actual product features and detection logic.
- Represent the team through public blogs, conferences and research collaborations with cloud vendorsPublish internal or external research and represent the team at industry events or blogs.
- Lead the discovery of novel attack vectors- e.g., cross-tenant access, NHI abuse, RAG poisoning, privilege escalation
Your Experience
- Minimum of 6 years in security research, including at least 2 years focused on cloud security
- Deep understanding of IAM, network, and data services posture in AWS, Azure, or GCP Research
- Strong understanding of the attacker’s mindset and proven experience in applying defensive tactics
- Hands-on experience in programming and scripting with C++/Python
- Experience with AI / Web/ Cloud/ K8S vulnerability research
- Proven ability to conceptualize, plan, and execute research from ideation through POC to full implementation
Nice to have
- Hands-on experience detecting or simulating attacks in AI pipelines (e.g., RAG poisoning, prompt injection, model exfiltration)
- Public research, blog posts, or conference presentations
- Resourcefulness and creativity in problem-solving, achieving high standards in challenging scenarios
- Deep understanding of the cybersecurity market, including key players, customer needs, and emerging trends
- Excellent communication and teamwork skills, with the ability to lead initiatives and work collaboratively across the organization
All your information will be kept confidential according to EEO guidelines.