Cloud Security Researcher

Overview

E.V.A Information Security helps clients grow by leveraging modern technology and creating a safe future. They simulate real-world cyber adversaries to test and improve client environments.

Role: Cloud Security Researcher

This hybrid & remote role involves working with a team of researchers to uncover unique vulnerabilities, design novel attack techniques, and explore unknown attack surfaces in modern cloud and infrastructure environments.

Responsibilities

• Identify and exploit real-world misconfigurations in cloud environments.
• Analyze complex architectures in cloud and container security.
• Collaborate with peers and clients to convert findings into actionable improvements.
• Push the boundaries of cloud and container security research.

Qualifications

• Strong knowledge of AWS, Azure, and GCP with common attack vectors.
• Hands-on experience attacking cloud and/or infrastructure environments.
• Experience with containerized environments and Kubernetes security.
• Familiarity with CI/CD pipelines and associated security challenges.
• Understanding of modern infrastructure and application environment design.

Nice to Have

• Prior research into cloud-related vulnerabilities.
• Programming and scripting skills (Python, Go, Bash, etc.).
• DevSecOps knowledge with CI/CD integration.
• Familiarity with Application Security frameworks like OWASP Top 10 and MITRE ATT&CK.
• Experience in securing IaaC and cloud-native workloads.

Key skills/competency

• Cloud Security
• Vulnerability Research
• Container Security
• Kubernetes
• CI/CD Security
• AWS
• Azure
• GCP
• DevSecOps
• Scripting