Cloud Researcher

Senior Cloud Security Researcher – Offensive Research

We are looking for a highly skilled Senior Cloud Security Researcher to lead offensive research on complex cloud infrastructures and managed services.

This role focuses on identifying and exploiting structural weaknesses in cloud environments (AWS / GCP), uncovering advanced attack vectors, and pushing the boundaries of cloud security research.

You will perform deep, hands-on research into cloud internals, multi-tenant architectures, and runtime environments, exploring real-world attack paths such as isolation breaks, privilege escalation, and escape techniques.

What You’ll Do

• Offensive Cloud Research
• Conduct deep technical research on cloud platforms, focusing on offensive attack surfaces including IAM, metadata services, networking, identity boundaries, and runtime environments.
• Vulnerability & Exploit Research
• Identify, analyze, and research high-impact vulnerabilities in cloud components and large-scale systems, including tenant isolation gaps, sandbox escapes, and misconfigurations with systemic impact.
• Attack Path Exploration & Root Cause Analysis
• Analyze complex cloud architectures to understand how offensive techniques can be chained into practical attack paths.
• Perform root cause analysis on discovered weaknesses to understand underlying design and trust assumptions.
• Tooling & Research Automation
• Develop tooling and automation in Python to support research, exploitation, and large-scale experimentation.
• (Bonus) Leverage AI-assisted techniques to accelerate discovery and analysis.
• Threat Modeling from an Attacker’s Perspective
• Think like a real-world attacker to identify subtle, non-obvious attack vectors across cloud control planes and managed services.
• Research Leadership & Knowledge Sharing
• Drive research initiatives end-to-end, share findings internally, and influence future research directions.

Requirements & Experience

• 4+ years of experience in offensive security research, red teaming, or cloud-focused security research.
• Deep hands-on experience researching AWS and/or GCP from an attacker’s perspective.
• Strong development skills in Python (tooling, automation, PoCs).
• Experience conducting 0-day or vulnerability research on large-scale systems (with or without source code).
• Strong understanding of cloud internals, identity boundaries, and multi-tenant architectures.
• Excellent problem-solving skills with the ability to think in attack chains, not isolated bugs.
• Independent, research-driven mindset with strong ownership.
• High level of written and spoken English.

Nice to Have

• Experience with AI-driven research, ML-Ops, or automation at scale.
• Familiarity with cryptography and cryptographic protocols.
• Experience leading or mentoring other researchers.
• Ability to clearly communicate complex offensive research findings to technical audiences.