Upwind is a next-generation Cloud Security Platform that leverages runtime context to identify and prioritize critical risks, providing precise insights and efficient cloud security management. Unlike traditional tools, Upwind uses runtime data proactively for risk prioritization and posture insights, ensuring teams focus on what truly matters. With industry-leading efficiency and eBPF-powered sensors, Upwind delivers comprehensive capabilities, including agentless cloud posture discovery, real-time threat protection, and integrated API security. From misconfigurations to malware defense, Upwind ensures end-to-end, cost-effective cloud infrastructure protection. At Upwind, you'll have the opportunity to think creatively, explore new ideas, and use your skills to make a meaningful impact on our growth.
We're looking for a research-minded, DevOps-fluent Security Researcher to own the "left" side of the platform - from source code and IaC, through CI/CD pipelines, into running cloud workloads and the sensitive data they touch. You'll trace how risk originates in a commit or a data store and follows an attack path all the way to runtime, then turn that research into the posture logic that powers Upwind's code-to-cloud, CSPM and DSPM capabilities. This role sits at the intersection of DevSecOps, cloud, data security, and AI systems.
- Conduct deep technical research across the full software development lifecycle - source code, IaC, dependencies, CI/CD pipelines, artifacts, and runtime - to map the environment and discover novel risks, misconfigurations, and end-to-end attack paths (code-to-cloud), then enrich findings with context and generate meaningful, actionable remediation.
- Lead research into Data Security Posture Management (DSPM): how sensitive data is stored, classified, moves, and gets exposed across cloud data stores, and translate this into data discovery, classification, and data-flow risk logic.
- Correlate runtime context from Upwind's eBPF sensors with code, pipeline, and data findings to prioritize what is actually reachable and exploitable - not just theoretically vulnerable.
- Research and apply AI and ML techniques to strengthen the policy engine itself - improving detection accuracy and coverage, reducing false positives, and making risk prioritization and analytics smarter across code, cloud, data, and runtime signals.
- Lead product initiatives from inception to production. Collaborate closely with product, backend, and GTM, translating research into shipped product capabilities.
- Define and build complex policy and risk-prioritization logic spanning code, cloud, data, and runtime.
Requirements
- 5+ years of experience in Cyber Security research, cloud security, or DevSecOps, particularly in cloud environments.
- Military background experience, University Degree, or Ex-CNAPP.
- Deep understanding of modern DevOps and CI/CD environments - pipelines (e.g., GitHub Actions, GitLab CI, Jenkins), Infrastructure-as-Code (e.g., Terraform, CloudFormation), containers, and Kubernetes.
- Hands-on experience with at least one major cloud provider (AWS, GCP, or Azure) and its data and identity services.
- Ability to learn the inner mechanisms of complex architectures - low level, cloud, and data.
- Hands-on skills with scripting languages (e.g., Python) and query languages (e.g., SQL); comfort reasoning about data stores and data flows.
- Ability to work independently in a dynamic, fast-moving, and demanding environment - owning research initiatives end-to-end and leading projects on your own across product, backend, and GTM teams.
- Excellent written and oral communication skills in English.
Advantages
- Experience in AI Security Research, or securing AI/ML pipelines and workloads.
- Experience with DSPM, data classification, or data security tooling.
- Knowledge of graph and data science algorithms (e.g., graph analytics, clustering, anomaly detection, statistical modeling).
- Experience with software supply chain security (SBOM, dependency and artifact/registry security).
- Contributions to open-source security tooling.
- Experience in public-facing work, such as presenting at recognized industry conferences, authoring technical blog posts, or publishing research.