Senior Security Researcher (Cybersecurity)

TL;DR

Senior Security Researcher (Cybersecurity): Conducts deep technical research across cloud environments to uncover new attack vectors, analyze real-world exploitation paths, and contribute to building a unified view of risk across identity, infrastructure, and data layers with an accent on how cloud risk is understood and modeled. Focus on translating complex attack paths into meaningful insights for customers and shaping cloud security strategy.

Location: Hybrid - Tel Aviv, Israel

Company

hirify.global is the Exposure Management company helping organizations understand and reduce cyber risk.

What you will do

• Define cloud risk by grounding findings in how exposure is actually created and exploited.
• Lead the development of novel risk logic and scoring methodologies.
• Conduct deep technical research to discover novel risks and attack vectors across identity, network, workload, and third-party data to produce attack paths.
• Analyze services and architectures from an attacker’s perspective to define trust boundaries and data flows.
• Evaluate new cloud services to establish secure configuration and architectural best practices.
• Provide a broad technical view across cloud domains to identify strategic gaps and drive product direction and features.

Requirements

• 5+ years of hands-on experience in security research.
• Deep understanding of attacker mindset, tradecraft, and real-world exploitation techniques.
• Strong technical background in cloud platforms (AWS, Azure, GCP), including how attackers operate within cloud environments.
• Proven experience designing, building, or validating detection logic.
• Highly curious, self-driven, and comfortable working in ambiguous, fast-evolving problem spaces.
• Strong communication skills, both written and verbal, with the ability to clearly articulate complex technical findings.

Nice to have

• Experience designing or investigating cloud attack paths and complex “toxic combinations” across services and identities.
• Background in offensive security, penetration testing, or red teaming.
• Experience with detection languages or frameworks (Rego, Sigma, YARA or similar).
• Track record of published research, conference talks, or technical blog posts.
• Experience working with product teams and delivering value to customers through the product.

Culture & Benefits

• Culture of belonging, respect, and excellence.
• Partner with talented and passionate people in the industry.
• Support and resources to do work that truly matters.
• Deliver results that exceed expectations and win together!