BriefCase
BriefCase

Principal Threat Research Engineer Job in Aryaka Networks

Principal Threat Research Engineer

Aryaka Networks 4+ weeks ago
Apply Now
Job Summary The Principal Threat Research Engineer will identify, analyze, and mitigate evolving cyber threats by creating and maintaining effective threat detection signatures. This role requires deep expertise in understanding modern cyber threats, malware behavior, and signature writing for advanced threat detection technologies. You will work closely with cross-functional teams, such as threat intelligence, incident response, and security product development, to enhance the organization s defense capabilities and provide strategic insight into the threat landscape. Key Responsibilities: Signature Writing & Development: i) Design and develop accurate, high-quality signatures and detection rules for threat detection systems (IDS/IPS, AV, EDR). ii) Improve and update detection logic to adapt to the latest threats, exploits, and attack vectors. iii) Optimize detection signatures to minimize false positives and maximize detection efficiency across various security platforms. Threat Research & Analysis: i) Lead in-depth research into emerging cyber threats, malware, APT groups, and TTPs (Tactics, Techniques, and Procedures). ii) Analyze attack patterns, behavior, and malicious code to identify new detection opportunities. iii) Track and understand evolving threat landscapes, including new vulnerabilities, exploits, and attack campaigns. Collaborative Threat Intelligence: i) Collaborate with global threat intelligence teams to share threat research findings and develop a comprehensive understanding of adversarial behavior. ii) Maintain relationships with external threat-sharing communities and organizations to stay up-to-date on the latest threat information. iii) Support the security team in responding to active threats, providing detection strategies and remediation guidance. Detection Engineering & Optimization: i) Work closely with the detection engineering team to integrate custom and third-party signatures into existing detection platforms (SIEM, IDS/IPS, EDR). ii) Identify gaps in current detection methodologies and implement improved detection capabilities for advanced threats, such as zero-day exploits, fileless malware, and APT campaigns. iii) Conduct performance testing and tuning of signatures to ensure system stability and effectiveness under various network environments. Thought Leadership & Knowledge Sharing: i) Act as a subject matter expert on threat detection, signature development, and malware analysis for internal and external stakeholders. ii) Lead and mentor junior threat researchers and engineers by providing guidance, training, and technical expertise. iii) Create research reports, blogs, whitepapers, and presentations to communicate key research findings and trends to technical and non-technical audiences. Required Qualifications: Bachelor s or Master s degree in Computer Science, Cybersecurity, Information Security, or a related field. 8+ years of experience in cybersecurity, with a focus on threat research, signature development, or malware analysis. Proven experience in writing and optimizing signatures for IDS/IPS, antivirus, and endpoint detection and response (EDR) solutions. Deep knowledge of cyber threats, including malware, ransomware, phishing, and advanced persistent threats (APTs). Strong understanding of network protocols, system internals (Windows, Linux), and attack techniques such as fileless malware, obfuscation, and evasion. Proficiency with malware analysis tools (e.g., IDA Pro, Ghidra), network analysis tools (e.g., Wireshark, Zeek), and sandbox environments. Experience with signature formats such as YARA, Snort, Suricata, and regular expression-based detection logic. Familiarity with MITRE ATT&CK framework and how it maps to threat detection and signature development. Strong problem-solving and analytical skills, with an ability to think critically about threat detection and mitigation strategies. Excellent verbal and written communication skills, with the ability to convey complex threat intelligence and detection strategies to a diverse audience. Ability to work collaboratively across teams and mentor junior team members. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, GIAC, OSCP, or GREM. Expertise in scripting and automation (Python, PowerShell, Bash) to automate threat research and signature writing processes. Experience with cloud-based threat detection and response (e.g., AWS GuardDuty, Azure Sentinel). Familiarity with advanced hunting techniques, including threat hunting using logs, endpoint data, and network data. Employee Value Proposition (EVP): At Aryaka, we offer a dynamic and innovative work environment where you will have the opportunity to make a significant impact in the network security industry. Our commitment to cutting-edge technology and customer satisfaction provides a platform for continuous learning and professional growth.
Qualification :
Bachelors or Masters degree in Computer Science, Cybersecurity, Information Security, or a related field.
Experience Required :

Minimum 8 Years

Vacancy :

2 - 4 Hires

Apply Now
Similar Jobs for you

See more recommended jobs

Your 4 Step Guide to Career Success

Apply for jobs
Create Profile
Schedule Interview
Get Hired