Principal Security Researcher

Location: Bay Area - work from SF or Santa Clara offices.

CloudPassage is looking for a principal security and compliance researcher to join our engineering team. You will be the thought leader who designs new security initiatives that feed our industry-leading cloud security platform used by customers to analyze security posture. You will leverage your security and compliance expertise, scripting and programming talent with written communications skills to create world-class security solution. You should be a self-starter focused on quality and efficiency.

What You Will Be Doing

  • As a principal researcher for security and compliance research, you will guide the research engineering to focus on known threats, analyze disclosed vulnerabilities, develop mitigation/remediation guidance for those threats in view of CloudPassage products and tools.
  • Investigate all things security for containers including Docker, Kubernetes, Mesos, Google Container Engine and others
  • Investigate security for cloud services including AWS EC2, S3, IAM, RDS, Azure, RackSpace, and others.
  • Use your system hardening, forensic, threat intelligence and attack behavior knowledge to correlate events and create rules that feed our platform and enable the customer to identify actionable intelligence.
  • Work closely with other engineering teams to drive technical requirements to help build intelligence into our products and backend systems.
  • Leveraging your development, security and compliance expertise to inform customers about current and potential security threats providing actionable data that can be used to drive mitigation efforts.

What you need for this position

  • Minimum Qualifications: 10+ years of total experience with 3+ years in an architect or lead role
  • Must have a BS or MS in Computer Science, Computer Engineering or related technical discipline
  • Strong scripting and programming experience with Python and Java. Ability to learn new languages quickly.
  • Experience working with Security Operations Centers (SOC), CERT, etc and utilizing Threat Intelligence platforms
  • Experience with Forensics and Incident Response
  • Extensive experience with STIX, OPENIOC, CIS, and related threat intelligence sharing formats
  • You have hands on experience with information security technologies and key concepts (such as Vulnerability Management, OVAL, CVE etc.)
  • Experience conducting threat research focused on nation state and generic malware actors
  • Have a strong understanding of actor TTP's, abilities and kill chains
  • Has innovative ideas and demonstrates confidence to promote, share and implement ideas into actionable outcomes
  • Experience in an Incident response role is a plus
  • Experience working with machine learning, large data sets and databases a plus

Soft Skills

  • Must be passionate about security, with a drive to stay current and appraised of the ever changing cyber security industry
  • Hands-on and be willing to jump in
  • Strong verbal and written communication skills
  • Excellent problem-solving skills
  • Ability to adapt quickly to changing priorities and industry focus

About CloudPassage

At CloudPassage, we are all about making cloud computing more secure and agile for leading global enterprise companies by resolving the number one inhibitor to cloud adoption: security. This challenge requires smart, passionate, and creative people.

We invented agile security for modern infrastructure. Our platform protects the most critical business assets. Staying in front of the cloud security landscape is a huge challenge that requires expertise, creativity, hard work and intense collaboration.

Leading enterprises like Citrix,, and Adobe use CloudPassage to enhance their security and compliance posture while remaining agile. Headquartered in San Francisco, CA, CloudPassage is backed by Benchmark Capital, Lightspeed Venture Partners, Meritech Capital Partners, Tenaya Capital, Shasta Ventures, Musea Ventures and other leading investors.

Top Reasons to Work With Us:

  • CloudPassage is a growing, well-funded company that is making a difference
  • At the bleeding edge of security and technology
  • There are a lot of smart people to work with!
  • Great pay, benefits, and stock options
  • Rapid career advancement (plenty of opportunities to take on additional responsibility with a fast growing company!)
  • Opportunity to work with some of the biggest names for customers
  • Opportunity to make an impact on customer's security issues
  • Opportunity to work with “the best security tool” in the industry
  • We get stuff done!

Meet Some of CloudPassage's Employees

Tyler R.

VP of DevOps

Tyler keeps CloudPassage applications in check by monitoring overall system stability and infrastructure changes. By doing so, he makes sure customers receive consistent, reliable service.

Deepak M.

Director of Sales Engineering

Deepak manages a team of CloudPassage’s sales engineers who support enterprise sales directors and West Coast customers. His goal is to expand the company’s customer base.

Back to top