Senior Cloud Security Researcher – Offensive Research

Senior Cloud Security Researcher – Offensive Research

We are looking for a highly skilled Senior Cloud Security Researcher to lead offensive research on complex cloud infrastructures and managed services

.This role focuses on identifying and exploiting structural weaknesses in cloud environments (AWS / GCP), uncovering advanced attack vectors, and pushing the boundaries of cloud security research

.You will perform deep, hands-on research into cloud internals, multi-tenant architectures, and runtime environments, exploring real-world attack paths such as isolation breaks, privilege escalation, and escape techniques

.
What You’ll

• DoOffensive Cloud Resear
• chConduct deep technical research on cloud platforms, focusing on offensive attack surfaces including IAM, metadata services, networking, identity boundaries, and runtime environment
• s.Vulnerability & Exploit Resear
• chIdentify, analyze, and research high-impact vulnerabilities in cloud components and large-scale systems, including tenant isolation gaps, sandbox escapes, and misconfigurations with systemic impac
• t.Attack Path Exploration & Root Cause Analys
• isAnalyze complex cloud architectures to understand how offensive techniques can be chained into practical attack path
• s.Perform root cause analysis on discovered weaknesses to understand underlying design and trust assumption
• s.Tooling & Research Automati
• onDevelop tooling and automation in Python to support research, exploitation, and large-scale experimentatio
• n.(Bonus) Leverage AI-assisted techniques to accelerate discovery and analysi
• s.Threat Modeling from an Attacker’s Perspecti
• veThink like a real-world attacker to identify subtle, non-obvious attack vectors across cloud control planes and managed service
• s.Research Leadership & Knowledge Shari
• ngDrive research initiatives end-to-end, share findings internally, and influence future research direction

s.
Requirements & Experie

• nce4+ years of experience in offensive security research, red teaming, or cloud-focused security resear
• ch.Deep hands-on experience researching AWS and/or GCP from an attacker’s perspecti
• ve.Strong development skills in Python (tooling, automation, PoC
• s).Experience conducting 0-day or vulnerability research on large-scale systems (with or without source cod
• e).Strong understanding of cloud internals, identity boundaries, and multi-tenant architectur
• es.Excellent problem-solving skills with the ability to think in attack chains, not isolated bu
• gs.Independent, research-driven mindset with strong ownersh
• ip.High level of written and spoken Engli

sh.
Nice to

• HaveExperience with AI-driven research, ML-Ops, or automation at sc
• ale.Familiarity with cryptography and cryptographic protoc
• ols.Experience leading or mentoring other research
• ers.Ability to clearly communicate complex offensive research findings to technical audien