At Orca, in the right environment and with the right team, talent has no boundaries. This team spirit, together with our drive to always aim high, has quickly earned us unicorn status and turned us into a global cloud security innovation leader. So if you’re ready to join an amazing team of people who inspire each other every day, now is the time to find your place in our pod.

We’re looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod?

Highlights

High-growth: Over the past seven years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud—so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

Senior Security Researcher (Cloud, Runtime, DFIR, Vulnerability Research)

About the role

We’re looking for a Senior Security Researcher to drive high-impact research across cloud, runtime, and application environments, and translate it into product-grade detections. This is a hands-on role for someone who can lead investigations end-to-end: from understanding attacker tradecraft and vulnerabilities, through building reliable detection logic, to influencing product direction.

What you’ll do

Lead deep-dive research into real-world attacks, vulnerabilities, and emerging cloud and runtime techniques
Own complex investigations (DFIR, threat hunting, root-cause analysis) and convert learnings into durable detections
Design and implement advanced detection logic and analytics across cloud assets, containers, Kubernetes, and Linux runtime telemetry
Build prototypes and production-ready components that improve detection accuracy, fidelity, and coverage
Partner closely with engineering and product to shape roadmap priorities and guide implementation details
Develop research methodologies, testing frameworks, and validation processes for new detections
Mentor and level up other researchers and engineers through reviews, knowledge sharing, and technical guidance
Represent the team externally through publications, technical blogs, and conference talks

About you
7+ years of experience in security research, detection engineering, incident response, or comparable hands-on security roles
Demonstrated expertise in at least two of the following areas (and working knowledge in the others):
Linux internals / operating systems fundamentals
Cloud security (AWS/Azure/GCP), including common attack paths and misconfiguration patterns
DFIR, threat hunting, and investigation workflows using telemetry and logs
Vulnerability research or vulnerability management at scale (triage, prioritization, exploitation understanding)
Application and API security fundamentals
Strong programming skills in Python (Go is a strong plus); ability to produce maintainable research code and production logic
Strong data skills: comfortable working with large telemetry datasets (SQL and log analytics platforms such as Elastic or similar)
Ability to reason about attacker behavior, build threat models, and validate detections with repeatable testing
Excellent written and verbal English communication, including the ability to explain nuanced technical tradeoffs to non-research audiences
Track record of driving cross-team execution and shipping impactful security capabilities

Strong advantages

Experience with Kubernetes and container runtime security
eBPF or low-level telemetry approaches, syscall or kernel-level visibility
Reverse engineering and malware analysis
Offensive security background (web, cloud, exploit development)
Contributions to open-source security projects or published research
Experience using automation or AI-assisted techniques to scale research and detection workflows

Success looks like

You consistently deliver new detections or improvements that measurably reduce false positives and increase coverage
Your investigations produce clear, actionable insights and influence product direction
You raise the technical bar for research quality, validation rigor, and operational maturity across the team

Apply now

See more open positions at Orca Security

Privacy policy Cookie policy