Job Description

We are an exciting stealth Enterprise software startup that has recently secured significant seed funding from Team8, a leading venture capital firm in the space!

Joining us at this early stage offers a rare opportunity to play a pivotal role in shaping our success and making a lasting impact. We are on a mission to revolutionize IAM consumption and management. We are looking for brilliant, curious, creative, and team player individuals to join our dynamic team and help us build out our cutting-edge technology.

You will be key in finding and developing novel methods to analyze and integrate with complex software using advanced techniques and AI models. This is a unique opportunity to work on novel research and code analysis techniques, diving deep into the core of customer systems and implementing transformative changes at scale.

Your role will include:

• Proactively explore emerging identity security and AI-agent ecosystems risks, uncover new opportunities, and help turn original research into impactful product capabilities.
• Collaborate with the product and engineering teams to translate findings into detection capabilities and product features.
• Create thought-leadership content, including technical blogs, demos, and conference talks.
• Serve as Orchid’s internal authority on emerging threats and identity security trends.

Requirements

• 5+ years of hands-on experience in security research in areas such as cloud/SaaS security, threat/detection research.
• Comfortable analyzing network traffic and protocols in unknown server environments.
• Track record of driving research initiatives end-to-end - from initial hypothesis to documented, shareable output.
• Ability to operate in a fast-paced startup environment, work under pressure, and handle urgent incidents.
• Ability to work independently and in a team-oriented, collaborative environment.
• Strong communication skills, both written and verbal.

Advantages:

• Strong working knowledge of identity protocols: Kerberos, SAML, OAuth, OIDC, LDAP, Active Directory.
• Published research - blogs, CVEs, conference talks, or security advisories.
• Experience working in or alongside product teams to translate research into actual features.