Security Researcher

Description
About us
Oligo is a fast-growing cybersecurity startup transforming how organizations protect their applications, cloud environments, and AI systems at runtime. Backed by top-tier investors including Greenfield Partners, Red Dot Capital Partners, Lightspeed, Ballistic Ventures, and TLV Partners, we’re on a mission to make real-time security a reality.
Oligo’s industry-leading runtime security platform is built to stop attacks in real time without stopping the business. We transform security from passive visibility to active protection across applications, cloud services, workloads, and AI systems. By uncovering the deepest layers of what actually runs in production, Oligo helps organizations prioritize exploitable vulnerabilities, detect malicious behavior as it happens, and stop modern attacks in their tracks.
What You’ll Be Doing
As a Security Researcher at Oligo, you will play a key role in shaping the future of modern runtime and AI security. You will investigate how real-world attacks unfold across applications and cloud environments, and turn those insights into innovative, production-grade security capabilities.
This role is ideal for a deeply technical researcher who is driven to understand attacks at their core - not just identify surface-level indicators. You will research exploitation chains, runtime behavior, attacker techniques, and emerging AI attack patterns, then apply that knowledge to build protections that are precise, resilient, scalable, and grounded in how attacks actually work.
Specifically, you will:
- Research real-world attack techniques targeting modern applications, cloud-native environments, and AI-driven systems.
- Design, develop, validate, and deploy detection algorithms based on technical research, large-scale runtime telemetry, threat intelligence, and exploit PoCs.
- Shape the strategy for detection data collection by defining the required telemetry, collection points, and data quality standards needed to support effective protection.
- Drive research efforts end-to-end, from initial exploration and technical investigation to production-grade protection capabilities for active threats.
- Work closely with engineering and product teams to turn research into practical security capabilities.
Requirements
Qualifications
- 5+ years of experience in security research, vulnerability research, detection engineering, threat detection engineering, or a related technical security role.
- Strong understanding of modern application attack techniques, including the ability to analyze vulnerabilities and exploitation flows.
- Deep expertise in Linux internals.
- High degree of ownership and ability to independently navigate ambiguous technical problem spaces and turn them into structured research plans and actionable outcomes.
- Experience designing and conducting hands-on technical research, including investigations, experiments, and PoC development.
- Strong programming skills for code analysis, research tooling, and building proof-of-concepts and vulnerable test applications.
- Strong communication and teamwork skills, with a collaborative approach to problem-solving across teams.
- Data analysis skills and hands-on experience working with databases.
We’ll be lucky if you have
- Experience with cloud-native attack surfaces, such as Kubernetes.
- Familiarity with eBPF, syscall tracing, or other low-level runtime observability techniques.
- Knowledge of programming language internals, exploitation techniques, or low-level system behavior.
- Experience with data science or statistical analysis in the context of security research.
- Familiarity with AI security concepts and attack techniques targeting LLMs, agents, or AI-integrated applications.


