Security Researcher

Big Ideas. Real People. At Orca, in the right environment and with the right team, talent has no boundaries . This team spirit, together with our drive to always aim high, has quickly earned us unicorn status and turned us into a global cloud security innovation leader. So if you’re ready to join an amazing team of people who inspire each other every day, now is the time to find your place in our pod. We’re looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod? Highlights High-growth: Over the past seven years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities. Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud—so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company. Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence. Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry. About the role We’re looking for a Security Researcher to help us stay ahead of threats across cloud, runtime, and application environments. This role is intentionally broad and can fit backgrounds in operating systems and Linux internals, vulnerability research, DFIR, penetration testing, and incident response, threat detection, AppSec, and cloud security. On a typical day you'll Research and analyze emerging threats across cloud platforms, applications, APIs, and runtime environments Investigate attacks and security incidents, then turn findings into improved detections and product capabilities Build detection logic, analytics, rules, and signatures for vulnerabilities, exposures, and active threats Contribute to runtime and cloud security visibility and detection (Linux, containers, Kubernetes) Prototype tools and automation to speed up research and improve detection accuracy Share knowledge through internal enablement, blog posts, whitepapers, or conference talks About you 4+ years in security research or security engineering Strong foundation in one or more of: Operating systems (especially Linux) Vulnerability management/research DFIR, incident response, or threat hunting Cloud/container/runtime security Strong analytical “attacker mindset” and ability to explain complex findings clearly Proficiency in Python (Go is a plus) Experience working with telemetry and data (SQL/Elastic or similar is a plus) Comfortable collaborating across teams in English Nice to have Kubernetes/containers, major clouds (AWS/Azure/GCP) eBPF, reverse engineering, offensive security experience Open-source security tooling familiarity, or AI/automation in security workflows