Lead Security Researcher

Aqua is a global leader in cloud-native security, protecting some of the world’s most complex and large-scale production environments. Our technology secures a significant portion of Fortune 100 companies across containers, Kubernetes, serverless, and public cloud infrastructure.

We’re looking for an exceptional Lead Security Researcher to join our world-class Security Research organization. This is a hands-on technical leadership role for a senior researcher who wants to drive research direction, depth, and real-world impact.

This role sits at the intersection of deep offensive research and strategic defensive thinking — influencing how modern cloud-native attacks are detected, understood, and stopped at scale.

What You’ll Do

• Provide technical leadership and mentorship to security researchers, setting a high bar for research quality, depth, and execution.
• Research and analyze advanced attack techniques targeting Linux-based cloud-native environments (containers, Kubernetes, serverless).
• Reverse engineer Linux malware to uncover behavior patterns, execution flows, and persistence mechanisms.
• Study real-world threat actor techniques and translate insights into actionable detection, prevention, and hardening strategies.
• Design and prototype advanced detection and observability mechanisms, including kernel- and runtime-level approaches (e.g., eBPF).
• Turn cutting-edge research into scalable security capabilities that protect large-scale production systems.
• Collaborate closely with engineering and product teams to ensure research outcomes are practical, impactful, and production-ready.
• Influence Aqua’s long-term security strategy through research-driven insights.

What You Bring

• 5+ years of hands-on security research experience, with a strong focus on Linux-based systems.
• Deep, practical knowledge of Linux internals - processes, syscalls, memory, networking, and filesystems.
• Strong experience in Linux malware analysis and reverse engineering.
• Proficiency in C and Python for low-level research, tooling, and prototyping.
• Proven ability to analyze attacker behavior and design corresponding detection or mitigation strategies.
• Strong familiarity with cloud-native technologies, including containers, Kubernetes, and container runtimes.
• Excellent communication skills, with the ability to clearly explain complex technical findings and influence stakeholders.
• B.Sc. in Computer Science or equivalent experience (military, academic, or advanced technical background preferred).

Why Aqua

Aqua is at the forefront of cloud-native security, where research directly shapes real-world protection for global enterprises. This role offers true technical ownership, visible impact, and the opportunity to lead research that matters - not just publish it.

If you’re driven by deep technical challenges, real adversaries, and systems operating at scale - we’d love to talk.