Research Team Lead

Big Ideas. Real People.

At Orca, in the right environment and with the right team, talent has no boundaries. This team spirit, together with our drive to always aim high, has quickly earned us unicorn status and turned us into a global cloud security innovation leader. So if you’re ready to join an amazing team of people who inspire each other every day, now is the time to find your place in our pod. 

We’re looking for driven and talented people like you to join our team and our mission to change the future of cloud security. Ready to dive in and swim with our pod? 

Highlights

• High-growth: Over the past six years, we’ve consistently achieved milestones that take other companies a decade or more. During this time, we’ve significantly grown our employee base, expanded our customer reach, and rapidly advanced our product capabilities.
• Disruptive innovation: Our founders saw that traditional security didn’t work for the cloud, so they set out to carve a new path. We’re relentless pioneers who invented agentless technology and continue to be the most comprehensive and innovative cloud security company.
• Well-capitalized: With a valuation of $1.8 billion, Orca is a cybersecurity unicorn dominating the cloud security space. We’re backed by an impressive team of investors such as Capital G, ICONIQ, GGV, and SVCI, a syndicate of CISOs who invest their own money after conducting their due diligence.
• Respectful and transparent culture: Our executives pride themselves on being accessible to everyone and believe in sharing knowledge with the employees. Each employee has a place in shaping the future of our industry.

About the role

As the Research Team Lead, you will guide Orca Security’s threat-research, security-innovation, and vulnerability-discovery efforts. You will define the strategy for how we uncover cloud threats, identify novel attack vectors, influence product direction, and contribute thought leadership to the cybersecurity community.

You will manage a team of world-class researchers, work closely with product, engineering and go-to-market teams, and ensure our research remains cutting-edge, rigorous and impactful.

Key Responsibilities

• Develop, own and evolve the research strategy by defining high value focus areas such as cloud misconfigurations, identity threats, workload vulnerabilities and side channel attacks, and ensuring alignment with Orca’s product roadmap and business objectives.
• Lead, coach, and mentor a multidisciplinary research team of cloud-security experts, threat analysts, and software engineers.
• Define metrics for research impact: e.g., number of vulnerabilities discovered, mean time to detection of new threats, number of research-driven product innovations.
• Leverage large-scale data analysis and AI/ML tools to identify trends, automate detection, and enhance cloud threat intelligence.
• Identify and drive discovery of new vulnerabilities, attack techniques or adversary behaviors targeting cloud platforms, containers, serverless, data stores etc.
• Stay current with the threat-landscape, emerging technologies, adversary tactics, and regulatory/compliance changes affecting cloud security.
• Collaborate with product, engineering and R&D teams to ensure research insights translate into concrete features, detection logic, and customer value.
• Manage the research resource planning, tooling/infrastructure for the research function – including sandbox environments, data analysis tooling, and attack simulations.
• Establish partnerships with external research groups, academic institutions, and industry peers to amplify our capabilities and knowledge network.
• Publish research findings (blog posts, white-papers, conference talks) to elevate Orca’s reputation as a cloud-security innovator.
• Influence the broader security community through vulnerability disclosures, advisory publications, industry working groups, and open research collaboration.

Required Qualifications & Skills

• 7+ years in security research, threat intelligence, vulnerability discovery or related roles, with experience and passion for leadership.
• Proven experience in managing a team – mandatory
• Deep technical knowledge of cloud infrastructure (AWS, GCP, Azure), containerization (Kubernetes, Docker), serverless, IAM, data storage, code repositories and associated threat vectors.
• Proven ability to write production-quality code, particularly in Python and Go.
• Deep experience with data systems: SQL and NoSQL databases (e.g., PostgreSQL, BigQuery, Elasticsearch, or similar).
• Experience applying data analysis, machine learning, or AI-assisted tools (e.g., LLMs, automated pattern recognition, or anomaly detection) to security research.
• Proven track record of publishing and presenting research (vulnerability advisories, conference talks, white-papers), and translating research into product/detection capabilities.
• Hands-on ability: understanding of reverse engineering, exploit development, or other cutting-edge security techniques.
• Strong leadership and organizational skills: building and scaling a team, setting vision, driving execution.
• Excellent communication skills: able to share technical insights with engineering, product, senior leadership, and external audience.
• Strategic thinker with strong business acumen and the ability to align research activities with company objectives.

Advantage

• Experience building or contributing to security-product codebases (e.g. scanning engines, detection frameworks, or telemetry pipelines).
  Strong network in the security research community, experience working with bug-bounty programmes, open source projects, vulnerability disclosure, or external research collaborations.