Runtime Security Researcher

On The Spot is a software development company, focused on building R&D offices for heavily invested startups from the UK, EU and Israel. We aim to directly connect tech talents with emerging tech companies worldwide to develop theirs products — from scratch to unicorn.

• Domains: cybersecurity, e-commerce, fintech, adtech
• Key customers: Orca Security, ironSource (merged with Unity), Cycode, Karma, 365scores
• Company staff: 140+ people 

Our partner is looking for a motivated Runtime Security Researcher to join their awesome team.

Highlights

• High-growth: In just 4 years, we’ve reached milestones that take other companies a decade or more. We’ve doubled our employee count, tripled our customer count, and rapidly expanded our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud—so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, we are a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

About the role

As a Security Researcher in our R&D team, you'll be at the forefront of developing and enhancing our runtime security sensor. This role is crucial for improving our product's detection capabilities and fidelity in cloud environments. You'll work with cutting-edge technologies like eBPF in Linux and Kubernetes settings, contributing significantly to our cloud security offerings.

Our Tech Stack

Go, Python, Docker, Kubernetes, Serverless, Django, PostgreSQL, Elasticsearch, Kibana, Spark, Airflow, Iceberg, NoSQL, Kafka, SQS, Redis, Linux, AWS, Azure, GCP, Oracle Cloud, AliCloud.

On a typical day, you'll

• Develop and refine our runtime security sensor using eBPF technology for Linux and Kubernetes environments in the cloud.
• Investigate and analyze complex security threats, applying your findings to improve product detection capabilities.
• Collaborate with cross-functional teams to integrate new features and enhance existing ones.
• Conduct in-depth research on cloud security, focusing on major platforms like AWS, GCP, and Azure.
• Design and implement sophisticated algorithms to advance our threat detection capabilities.
• Contribute to the continuous improvement of our product's detection accuracy and fidelity.
• Stay updated on the latest security trends and attack techniques, incorporating this knowledge into our product development.

About you

• You have 4+ years of experience in cybersecurity, with a strong focus on cloud environments.
• Proficient in eBPF technology and its applications in security contexts.
• Solid understanding of Linux systems and Kubernetes environments.
• Experience in threat detection and familiarity with major cloud platforms (AWS, GCP, Azure).
• Strong programming skills, particularly in languages commonly used for security tools and research - Go/Rust/C++/C.
• Knowledge of reverse engineering techniques is a plus.
• Background in vulnerability research is advantageous.
• Excellent analytical skills with the ability to understand and dissect complex attacks.
• Strong communication skills to effectively collaborate with various teams and explain technical concepts.
• Proactive learner, always eager to expand your knowledge in the rapidly evolving field of cloud security.
• A customer-oriented mindset focused on delivering high-quality, impactful security solutions.

Benefits of working with us

• Work in a highly professional team with a friendly community spirit and supportive environment;
• Paid vacation — 20 business days per year, 100% sick leave payment;
• Flexible working hours – we care about you (!) and your output;
• 5 sick days per year;
• Equipment provision;
• Health insurance in Luxmed (after the end of the probationary period);
• Partially compensated educational costs (for courses, certifications, professional events, etc.);
• Legal and Accounting support in Poland if requested;
• English and Polish classes 2 times a week (online);
• Bright and memorable corporate life: corporate parties, gifts to employees on significant dates.

We value the creativity and innovation of our Software Engineers and embrace diversity in technical expertise. Therefore, we are open to considering candidates with a wide range of technical backgrounds and are not limiting our search to any specific technology stack.