Cloud Security Researcher, Lacework Labs
United States
Lacework
Need better insight into the security of your cloud environments? Learn how Lacework can automate cloud security, prioritize risks, and help you scale.At Lacework, we strive to provide a supportive, collaborative environment where people are empowered to do the best work of their careers.
Our team members enjoy solving complex problems, big sky thinking, and obsess over getting the details right—all while building bonds of teamwork and friendships that last a lifetime. We love what we do and are proud of our work to secure clouds and container environments for thousands of users worldwide.
The Lacework Labs team is growing and we need YOU! Our mission is to shed light on attacks that pose a risk to those operating in the public cloud and then integrate our knowledge into the Lacework platform.
The team is looking for a seasoned security engineer with experience discovering threats and automating solutions to operationalize this knowledge. You will have the opportunity to discover, analyze, and bring insight into all aspects of modern cloud threats to help defenders and customers run with speed and safety. You will play a critical role in evangelizing security research with the broader community and driving product efficacy.
This is a great opportunity for someone who is extremely focused, excited, and technically adept to make a huge impact.
To be successful you will:
- Research and discover threats to Cloud Service Provider control planes (AWS, GCP, Azure), Linux workloads, containers, and Kubernetes
- Evangelize research through blogging, public speaking, webinars, and research papers
- Assess product detection efficacy using MITRE ATT&CK matrices and other standardized methods
- Discover new attack techniques and develop detection methods for them
- Help customers understand the threat landscape and provide guidance on risk mitigation
- Develop threat intelligence related to cloud threats
- Develop open source projects for the benefit of the security community
- Collaborate across Lacework to develop new detection models – working hand-in-hand with members of the data science and engineering teams
Minimum Qualifications:
- 5+ years of information security research, incident response, penetration testing, or similar experience
- Public speaking and blogging experience
- Experience with AWS, GCP, or Azure
- Pentesting AWS, GCP, or Azure
- Experience with container and Kubernetes security practices
- Python, Go, Java and/or shell scripting experience
- SQL and large-scale data analysis
- Threat intelligence management experience
- Malware analysis experience (ELF experience is a plus)
- Security knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux.
Lacework is an Equal Opportunity Employer. It is the policy of Lacework to provide equal employment opportunity to all persons, regardless of age, race, religion, color, national origin, sex, political affiliations, marital status, non-disqualifying physical or mental disability, age, sexual orientation, membership, or non-membership in an employee organization, or on the basis of personal favoritism or other non-merit factors, except where otherwise provided by law
Tags: AWS Azure Cloud GCP Incident response Java Kubernetes Linux MacOS Malware MITRE ATT&CK Open Source Pentesting Python Scripting SQL Threat intelligence Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Malware-related jobs
- Open DevSecOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs