Senior Security Researcher

In this role, you will collaborate with the cyber security products team and a key member of the Network Threat Intelligence to support the development, validation, and research of network intrusion detection capabilities and aid in security research. Your contributions will directly impact the production and enhancement of threat detection signatures, research of emerging threats, and improvement of internal threat intelligence processes and product’s capabilities.

Responsibilities and Duties:

• Collaborate with product developers to build protocol decoder logic and threat detection guidance.
• Analyze and respond to network vulnerabilities and exploits with IPS signatures, including signature development and tuning and testing.
• Collaborate with security researchers to advance IPS detection from signature-based to anomaly-based methods.
• Recreate vulnerabilities to analyze exploit behavior, validate detections, and strengthen defensive strategies for IoT and consumer grade threats.
• Perform packet-level analysis using PCAPs and tools like Wireshark or Zeek.
• Participate in the development of internal tools to improve research workflows and automation in Python.
• Conduct open-source intelligence (OSINT) gathering for emerging threats, indicators of compromise (IoCs), and TTPs.
• Support creation of technical documentation, threat reports, whitepapers etc.
• Drive innovation by developing new ideas and contributing to internal and external research publications.
• Engage in technical discussions during all phases of the threat research and signature development lifecycle.
• Assist in building overall threat intelligence framework to generate proprietary and contextual threat intelligence.

Qualifications:

• Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, Cyber Security, or a related field.
• 5 – 8 years of experience in cybersecurity, Detection Engineering, IPS Signature Writing, Network Threat Detection
• Strong understanding of Computer Networking, TCP/IP Protocol Stack, OSI Model, and Intrusion Detection Systems (IDS).
• Familiarity with Cyber Threat Intelligence, MITRE ATT&CK, and common malware delivery methods.
• Strong understanding and ability to decode L4 - L7 OSI Layer Protocols
• Programming knowledge, preferably in Python; ability to automate analysis or write small utilities.
• Comfortable working with both Linux operating system, Git version control and containerization tools.
• Strong communication skills, keen attention to detail, and excellent research aptitude.

Location:

• India – (Flexible hybrid work model - work from Bangalore office for 20 days in a quarter)