OX Security: Cloud Security Researcher (CSPM/CNAPP Product)
Source: Himalayas
AI Summary Powered by Gemini
OX Security is seeking a Cloud Security Researcher and Engineer to enhance their CSPM/CNAPP product by improving cloud risk discovery and prioritization. The role requires a strong cybersecurity foundation, hands-on cloud platform experience, and the ability to translate security needs into product features, making it an interesting opportunity for those passionate about building impactful security solutions.
Job Description
DescriptionWe’re hiring Cloud Security Researcher and engineer to help evolve our CSPM/CNAPP product. You’ll work on improving how cloud risks are discovered, modeled, prioritized, and communicated, turning diverse cloud signals into accurate, customer-ready security insights. This role is security-first: strong fundamentals and judgment matter more than “tooling.”RequirementsWhat We’re Looking For:Strong foundation in cybersecurityHands-on experience with at least one major cloud platform (AWS preferred; Azure or GCP also valid). Comfort navigating services, permissions models, and APIs/SDK concepts.Ability to translate security and customer needs into high-value product work (prioritization, impact vs effort, clear definitions of “done”).Good communication skills: you can explain security decisions and tradeoffs to both technical and non-technical stakeholders.Solid engineering literacy (you can read and review code, reason about reliability and edge cases). Deep coding expertise is not required.Bonus Points For:Experience with CSPM/CNAPP tools, security research, or building detection/analytics pipelines.Familiarity with cloud telemetry/log sources and correlating security signals.Comfort with Infrastructure as Code concepts (e.g., Terraform) and cloud-native environments.Originally posted on Himalayas
Full Description
DescriptionWe’re hiring Cloud Security Researcher and engineer to help evolve our CSPM/CNAPP product. You’ll work on improving how cloud risks are discovered, modeled, prioritized, and communicated, turning diverse cloud signals into accurate, customer-ready security insights. This role is security-first: strong fundamentals and judgment matter more than “tooling.”RequirementsWhat We’re Looking For:Strong foundation in cybersecurityHands-on experience with at least one major cloud platform (AWS preferred; Azure or GCP also valid). Comfort navigating services, permissions models, and APIs/SDK concepts.Ability to translate security and customer needs into high-value product work (prioritization, impact vs effort, clear definitions of “done”).Good communication skills: you can explain security decisions and tradeoffs to both technical and non-technical stakeholders.Solid engineering literacy (you can read and review code, reason about reliability and edge cases). Deep coding expertise is not required.Bonus Points For:Experience with CSPM/CNAPP tools, security research, or building detection/analytics pipelines.Familiarity with cloud telemetry/log sources and correlating security signals.Comfort with Infrastructure as Code concepts (e.g., Terraform) and cloud-native environments.Originally posted on Himalayas