OX Security

Cloud Security Researcher (CSPM/CNAPP Product) - B2B Contract

OX Security  •  Warsaw, PL (Onsite)  •  3 months ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

We’re hiring Cloud Security Researcher and engineer to help evolve our CSPM/CNAPP product. You’ll work on improving how cloud risks are discovered, modeled, prioritized, and communicated, turning diverse cloud signals into accurate, customer-ready security insights. This role is security-first: strong fundamentals and judgment matter more than “tooling.”

Responsibilities

What You’ll Do

  • Design and improve cloud security detections and enrichment logic: define what to detect, why it matters, and what evidence customers need to act.
  • Correlate multiple signals (configuration, identity, asset inventory, activity/telemetry, relationships between resources) to improve accuracy and reduce noise.
  • Validate and refine severity/prioritization so results are consistent, explainable, and aligned with real risk.
  • Use competitor analysis and customer feedback to identify opportunities and deliver product improvements with clear business impact.
  • Use AI and internal agents to accelerate development: write strong prompts, guide outputs, review/adjust generated logic and code, and turn prototypes into reliable implementations.
  • Communicate clearly with engineering/product teams: requirements, tradeoffs, release notes, and customer-facing rationale.

Requirements

What We’re Looking For

  • Strong foundation in cybersecurity
  • Hands-on experience with at least one major cloud platform (AWS preferred; Azure or GCP also valid). Comfort navigating services, permissions models, and APIs/SDK concepts.
  • Ability to translate security and customer needs into high-value product work (prioritization, impact vs effort, clear definitions of “done”).
  • Good communication skills: you can explain security decisions and tradeoffs to both technical and non-technical stakeholders.
  • Solid engineering literacy (you can read and review code, reason about reliability and edge cases). Deep coding expertise is not required.

Bonus Points For

  • Experience with CSPM/CNAPP tools, security research, or building detection/analytics pipelines.
  • Familiarity with cloud telemetry/log sources and correlating security signals.
  • Comfort with Infrastructure as Code concepts (e.g., Terraform) and cloud-native environments.
OX Security

About OX Security

OX Security is the creator of VibeSec, the first AI-Native vibe security platform that stops insecure AI-generated code before it ever exists. By embedding dynamic security context directly into AI coding tools, VibeSec ensures every line of code is secure from inception. Finally, security moves faster than vulnerabilities.

Industry
IT & Software
Company Size
51-200 employees
Headquarters
Boston, Massachusetts
Year Founded
2021
Website
ox.security
Social Media