Security Researcher

Cutting-edge Cybersecurity company specializing in micro-segmentation, developing a solution to one of the most complex problems in cybersecurity: preventing attackers from moving laterally within enterprise networks.

Located in Tel Aviv (near a train station), offering 1 day of remote work per week. Since its founding, the company has raised $100M from top-tier venture funds and investors.

The company employs 120 people, the majority based in Israel, forming the R&D center. Over the past year, the company quintupled its sales and expects significant growth in the near future.

Responsibilities-

• Lead research of cloud security threats, with emphasis on lateral movement, privilege escalation, and post-compromise techniques in AWS, Azure, and GCP.
• Analyze and model cloud infrastructure, networking, and identity systems to identify attack surfaces and opportunities for segmentation.
• Work closely with product teams to design and test approaches for extending microsegmentation into cloud and hybrid environments.
• Research and exploit misconfigurations or weaknesses in cloud-native services (e.g., IAM, metadata services, API gateways).
• Build proof-of-concept attacks and detection techniques that inform both our commercial product and the open-source projects.
• Contribute to the development and maintenance of open-source security tools, incorporating cloud-focused capabilities and threat simulations.
• Produce high-quality technical blog posts, research papers, and online content to showcase findings, strengthen the social media presence, and share insights with the broader security community.

Requirements-

• 5 years of proven experience in cloud security research, penetration testing, or red teaming, with a focus on AWS, Azure, or GCP.
• Strong understanding of cloud networking (VPCs, routing, subnets, peering, firewall rules) and cloud infrastructure (compute, storage, identity).
• Familiarity with lateral movement, privilege escalation, and post-compromise techniques in cloud and hybrid environments.
• Experience with at least one modern programming or scripting language (Python, Go, etc.) for building tools and automations.
• Advantage: Experience contributing to or maintaining open-source security tools.