Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct cutting-edge research to uncover cloud security vulnerabilities and improve our product.
- Company: Join a dynamic team at Tracebit, making waves in the security industry.
- Benefits: Flexible working hours, remote options, and opportunities for global conference representation.
- Why this job: Make a real impact in cybersecurity while collaborating with top industry experts.
- Qualifications: 5+ years in offensive security, strong coding skills, and a passion for research.
- Other info: Exciting career growth and the chance to shape a new research practice.
The predicted salary is between 48000 - 72000 £ per year.
Our product helps security teams quickly and accurately detect intrusions in their cloud environment using canaries – decoys deployed to deceive attackers.
Our research has already made an impact:
- We\’ve disclosed vulnerabilities in Google\’s Gemini CLI
We work with some of the world\’s leading security teams at companies like Snyk, Riot Games, and Docker.
We\’re at a key stage: we need someone to expand and formalize our research function, turning findings into actionable insights and engaging content while helping Tracebit contribute to the wider security community.
Who we\’re looking for
5+ years in offensive security or vulnerability research with deep focus on cloud platforms (AWS, Azure, GCP). You\’ve found and disclosed vulnerabilities before.
Published security researcher. Track record of blog posts, conference talks, CVEs, or bug bounty submissions. You know how to communicate technical findings clearly.
Technical. Comfortable writing and reading code, and analysing data. You can write scripts, build tooling, and create detection rules.
Self-directed. You\’re excited to build a research practice from scratch without perfect processes or large teams.
About the role
Reporting to Sam , our CTO and Co-Founder, you\’ll expand our security research practice and conduct novel research that directly improves our product.
Your core focus:
- Conduct deep technical research into complex cloud services to uncover novel attack vectors.
- Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
- Help our team design new canary types and improve our product based on your research.
- Publish research through blog posts, conference talks (BlackHat, RSA, BSides, fwd:cloudsec), and community engagement.
- Monitor the threat landscape and proactively research emerging attack techniques to write detections and blog posts
- Represent Tracebit at industry conferences globally and build relationships with other researchers.
You’ll find attack vectors, write content, and see our engineering team deploy your findings to protect customers.
FAQs
Where is the office?
The whole team works together in an office right next to Warren Street tube station – there are lots of great places to grab lunch nearby.
Are you doing hybrid/remote?
This role can be based either in our London office or fully remote.
We are an office-first company – all of our team works together in London 5 days a week. However, we\’re making an exception for this role given the nature of the work and the need to hire the best talent in this space.
If you\’re based in London, you\’ll work from our office. If you\’re remote, we expect you to visit London at least quarterly to collaborate with the team in person.
What are the working hours like?
We think 9am-6pm will bring a great cadence to work. As a Security Researcher there will definitely be times you need to pick up work outside of these hours, we\’re keen to limit this where we can but also offer flexibility in return.
Can you sponsor visas?
We can support various types of working visas in the UK, including:
- Skilled Worker Visa (both from within and outside the UK)
- Intra-Company Transfer Visa
We are keen to support candidates who require visa sponsorship. Please let us know which specific visa type you might need during the initial application or interview process. Our team is committed to helping talented individuals navigate the necessary visa requirements.
#J-18808-Ljbffr
Security Researcher employer: Tracebit
Contact Detail:
Tracebit Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Researcher
✨Tip Number 1
Network like a pro! Reach out to folks in the security community, especially those at companies like Snyk or Riot Games. Attend meetups or conferences, and don’t be shy about sharing your research – it could lead to some great opportunities!
✨Tip Number 2
Show off your skills! Create a portfolio of your work, including any published research, blog posts, or conference talks. This will not only demonstrate your expertise but also give potential employers a taste of what you can bring to the table.
✨Tip Number 3
Be proactive! Keep an eye on emerging threats and trends in the cloud security space. Share your insights through social media or your own blog – this will help you stand out as a thought leader in the field.
✨Tip Number 4
Apply through our website! We’re always on the lookout for talented individuals who can contribute to our mission. Don’t hesitate to showcase your unique approach to security research when you apply!
We think you need these skills to ace Security Researcher
Some tips for your application 🫡
Show Off Your Experience: Make sure to highlight your 5+ years in offensive security or vulnerability research. We want to see your track record of finding and disclosing vulnerabilities, so don’t hold back on those achievements!
Communicate Clearly: Since you’ll be turning complex findings into engaging content, it’s crucial to demonstrate your ability to communicate technical details clearly. Use straightforward language and examples in your application to show us you can do this.
Be Yourself: We’re looking for someone self-directed who can build a research practice from scratch. Let your personality shine through in your application – we want to know what excites you about this role and how you approach challenges.
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to keep track of your application and ensure it gets the attention it deserves. Plus, it shows you’re serious about joining our team!
How to prepare for a job interview at Tracebit
✨Know Your Stuff
Make sure you brush up on your knowledge of cloud platforms like AWS, Azure, and GCP. Be ready to discuss specific vulnerabilities you've found and disclosed in the past. This will show that you have the hands-on experience needed for the role.
✨Showcase Your Research
Prepare to talk about your published work, whether it's blog posts, conference talks, or CVEs. Bring examples of your research that demonstrate your ability to communicate complex technical findings clearly. This is crucial for engaging with the wider security community.
✨Be Ready to Think on Your Feet
Since this role involves building a research practice from scratch, be prepared to discuss how you would approach this challenge. Think about processes you might implement and how you would engage with the team to drive innovation in security research.
✨Engage with the Community
Familiarise yourself with current trends in the security landscape and be ready to discuss emerging attack techniques. Showing that you're proactive about monitoring threats and contributing to the community will set you apart as a candidate who truly cares about the field.
