Cybersecurity Researcher, Threat Analysis and Detection Engineering
Singapore
Full Time
4 hours ago
Visa Sponsorship
Key skills
Linux, macOS, Python, SQL, C++, C
About this role
Role Overview
Research adversary tactics, techniques, and procedures (TTPs) and translate them into detection and prevention capabilities for Acronis Security and EDR products
Analyze malicious and benign content — executables, scripts, documents, memory dumps, network traffic, exploit chains — to identify indicators and behavioral patterns
Develop, tune, and maintain detection logic, signatures, and behavioral rules across multiple expression languages and rule formats
Monitor and improve automated detection pipelines to maintain high efficacy and low false-positive rates
Track emerging threats through open-source intelligence, telemetry analysis, and threat feeds to ensure coverage keeps pace with the landscape
Collaborate with scan engine and product engineering teams on joint research projects and new security features
Publish original research through blog posts, whitepapers, and conference presentations
Requirements
Deep understanding of modern attack techniques, common malware families, and OS internals (Windows required; macOS and Linux are a plus)
5+ years of hands-on experience in one or more of: malware analysis (static, dynamic, behavioral), detection engineering, threat hunting, incident response, or insider threat investigation
Proven ability to develop detection logic — whether that's YARA, Sigma, EQL, KQL, custom behavioral signatures, or something else entirely
Comfortable working with threat intelligence platforms and frameworks: VirusTotal, Shodan, MISP, MITRE ATT&CK, or similar
Software development skills in Python; familiarity with REST APIs, SQL, and regex