Head, Threat Research and Detection Engineering
Cyble
Bengaluru, Karnataka, India
Posted on Apr 3, 2025
About The Role
We are seeking a dynamic, innovative, and experienced leader to spearhead our threat research and detection engineering initiatives in a fast-paced startup environment. The ideal candidate will have deep hands-on expertise in malware analysis, reverse engineering, incident response, and signature development for antivirus, EDR solutions, and sandbox environments. The role will require close interaction and collaboration with Cyble’s Product team to enhance our threat detection capabilities. Passionate about uncovering new threats, hunting emerging risks, and tracking threat actors, you will also be responsible for building and mentoring a diverse team of experienced threat researchers, detection engineers and interns. This role demands a strategic thinker with excellent technical, communication, and leadership skills, driven by a growth and learning mindset.
Roles & Responsibilities
Define and execute the strategic direction for threat research and detection initiatives. Lead, inspire, and manage a high-performing team, fostering a culture of continuous improvement, innovation, and learning. Collaborate with product and engineering teams to integrate advanced threat detection methodologies into our solutions.
Oversee the hiring process to recruit top talent; develop and implement mentorship and training programs to cultivate the skills and career growth of team members across all levels. Create a collaborative environment that encourages knowledge sharing and professional development.
- Threat Research & Analysis:
- Oversee a team that conducts advanced malware analysis and reverse engineering to dissect new threats and attack techniques.
- Continuously research, track, and analyze emerging threat actors, campaigns, and global threat intelligence to proactively enhance Cyble’s threat research capabilities.
- Oversee a team of researchers who contribute to threat research blogs, articles, advisories, and client reports.
- Threat Detection Engineering:
- Help develop and author detection signatures for antivirus (AV), endpoint detection and response (EDR), and malware sandbox environments.
- Build and maintain the team's proficiency in YARA, Sigma, and Suricata rule development.
- Collaboration & Cross-Functional Engagement:
- Partner with Digital Forensics and Incident Response (DFIR) teams to offer expert support during investigations.
- Effectively communicate threat landscapes, detection strategies, and research findings to technical and non-technical stakeholders.
- Provide subject matter expertise to product managers and software engineers as they build and evolve Cyble’s threat intelligence products and platforms.
- Interface with clients to demonstrate Cyble’s expertise in threat research and threat intelligence gathering as and when required.
Requirements
- Proficiency with tools such as IDA Pro, Ghidra, and OllyDbg.
- Deep understanding of malware behavior, obfuscation techniques, and binary analysis.
- Expert-level proficiency in Python for developing detection algorithms and automation scripts.
- Knowledge of additional scripting languages like Bash or PowerShell.
- Expertise in threat hunting methodologies, tracking threat actors, and analyzing adversary tactics using platforms such as VirusTotal and ReversingLabs.
- Strong understanding of EPP and/or EDR platform design and the integration of detection capabilities.
- Exposure to building or maintaining threat intelligence sources and feeds.
- Experience with both commercial and open-source threat detection tools.
- Familiarity with digital forensics tools and techniques, and insight into incident response processes to validate detection efficacy.
- In-depth knowledge of operating systems, network protocols, and cloud security (AWS, Azure, GCP).
- Experience with SIEM and log management tools such as Splunk, ELK Stack, or ArcSight.
- A degree in Computer Science, Cybersecurity, or a related field.
- Experience working in reputed cyber threat intelligence organizations or endpoint security product OEMs within the threat research or DFIR function, with an appetite for challenge and continuous innovation.
- Industry certifications such as GIAC Reverse Engineering Malware (GREM), or equivalent are highly desirable but not mandatory.
What We Offer
- Innovative Environment: Engage with a forward-thinking startup that values creativity, rapid learning, and pioneering research in cybersecurity.
- Growth Opportunities: Tackle challenging projects with significant impact and contribute directly to the evolution of our security products and strategies.
- Collaborative Culture: Join a passionate team dedicated to advancing cybersecurity practices and developing industry-leading solutions.
- Leadership Impact: Play a critical role in shaping our threat research and detection strategies while mentoring the next generation of cybersecurity professionals.