Microsoft Hybrid Cloud Security Researcher – EPSF IL 

Israel, Tel Aviv District 

614128208

Required Qualifications:

• A minimum of 4 years in offensive security research, with a focus on Kubernetes environments and a strong background in OS (Windows\Linux) Security.
• Proven track record in identifying vulnerabilities and implementing hardening strategies.
• Deep understanding ofOSSecurity mechanisms.
• Familiarity and Experience with Kubernetes Security Controls
• RBAC management,Secrets Storage, Plugins, and Access Controls
• Container Security Configuration (Security Context, Privileged, etc...)
• Knowledge and Experience Configuring and SecuringKubernetesNetworks
• Calico, Cilium, Network Access Policies, Istio or Similar
• Monitoring and Log Collection
• Understanding of Container Security Boundaries, Image Hardening Practices, and Security Features.
• Proficient in programming and scripting, with the ability to develop security tools and automations.
• Bachelor's degree in Computer Science, Information Security, or related fields – An Advantage.
• Certified Kubernetes Security Specialist (CKS) \ Kubernetes and Cloud Native Security Associate (KCSA) Certifications – An advantage.

Desired Skills:

• Exceptional communication abilities to effectively discuss complex security issues with a variety of audiences.
• Team player with a collaborative approach and the capability to work in a dynamic, cross-functional environment.
• Commitment to continuous learning, staying abreast of the latest developments in cloud security, Kubernetes, and OS security.

• Perform vulnerability research on cutting-edge K8S-based platforms and products&the underlaying OS.
• Develop and implement proof-of-concept exploits to demonstrate potential risks and work closely with engineering teams to address findings.
• Engage in Threat Modelling, Security Code Audits, Fuzzing and in-depth Hardening efforts to improve the overall security of K8S-based platforms\products and underlaying OS.
• Collaborate with teams to fortify environments\products against threats, while ensuring alignment with security frameworks.