Offensive Security Researcher

Upwind is the runtime-powered CNAPP that leverages runtime data to secure our customers’ cloud infrastructure. Upwind’s holistic approach to cloud security helps organizations mitigate the risks that actually matter, identify the root causes of threats in minutes and respond with context and automation. Upwinders are spread across the globe in all departments and work together to protect the infrastructure of our customers - we’re a strong, emerging player in a massive and growing market, and it’s still early enough for you to make a significant impact. At Upwind, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. 

We are seeking an experienced Vulnerability Researcher to join our team, where our ethos of customer-centric problem solving, ownership, professionalism, and resourcefulness are at the heart of everything we do. The team faces complex research issues daily, solving new challenges and constantly improving the existing solutions. In this key position, you'll dive deep into complex security puzzles, pushing the boundaries of our vulnerability research and solutions. Collaborating on challenges with our team means working with the leading cloud platforms (AWS, GCP, Azure) and leveraging advanced technologies like Kubernetes, EBPF, Docker, and more.

Responsibilities 

• Vulnerability research in the major Cloud providers and cutting-edge technologies.
• Collaborate with teams across the organization, including Product, and GTM, to develop and integrate top-tier features.
• Conduct deep technical research into cloud-native environments.
• Lead offensive investigations in Kubernetes, eBPF, AI/ML‑based anomaly detection, and runtime security, translating findings into production‑grade detections.
• Create authoritative content — white‑papers, conference papers, blogs, and release notes that educate users and elevate Upwind’s brand.
• Deep dive into threat detection and product content that provide our customers deep insights and added value.

• +4 years of experience as a Vulnerability or Offensive Security researcher, specializing in web exploitation and advanced offensive techniques.
• Experience with cloud platforms and products (e.g. AWS, GCP, and Azure).
• Military background or experience with Ex-CNAPP is highly advantageous.
• Possession of a Vulnerability Research Certification, contributions to CVEs, or a recognized standing in global security rankings is highly desirable.
• Ownership and Professionalism - you ARE required for a deep sense of responsibility towards work, with attention to detail, and a proactive approach to tackling any task, regardless of its nature.
• Resourcefulness - Ability to achieve more with less, utilizing creativity and high standards to navigate and overcome challenges pragmatically.