Arctic WolfRemote
Senior Staff Threat Researcher, Detection Engineering
United States
Full-time
13 hours ago
H1B Sponsor Likely
Key skills
PythonSIEM detectionsEDR detections/signaturesDevelopment of detectionsWindows PowerShell monitoringOS-specific telemetrySuricataSigmaYara rulesNetworking security principlesAgile developmentLeadershipContinuous learningRPowerShellAgileMentoring
About this role
Arctic Wolf is a leading company in the cybersecurity industry, striving to redefine security operations. They are seeking a Senior Staff Threat Researcher to provide technical direction and guidance across multiple teams, focusing on delivering high-value solutions and improving existing detection capabilities.
Responsibilities:
- Act as a mentor to R&D technical leaders
- Apply broad expertise and knowledge in highly specialized fields or several related disciplines
- Lead and contribute to the development of company objectives and principles to achieve goals in creative and effective ways. Produce specifications and determine operational feasibility
- Work on significant and unique issues where analysis of situations or data requires an evaluation of intangibles
- Apply conceptual thinking to understand advanced issues and implications
- Exercise independent judgment in methods, techniques, and evaluation criteria for obtaining results
- Accountable for results, which may impact the entire function
- Create formal networks involving coordination among groups
- Focus on providing thought leadership and work on broader organizational projects which require understanding of wider business, by conveying advanced information and persuading several diverse stakeholders/audiences
- Recognized internally and externally as a subject matter expert
- May direct the work of others
Requirements:
- 10+ years of professional experience as a security architect, detection developer, reverse engineer, security researcher, or CNO developer
- Expert‑level Python expertise
- OS‑specific telemetry (Windows Security/Sysmon logs, Linux, MacOS)
- Windows PowerShell monitoring
- SIEM detections
- EDR detections/signatures
- Suricata, Sigma, and Yara rules
- Development of anomaly‑ and behavioral‑based detections
- Tuning and optimization of detections for all the above
- Experience leading and mentoring groups of developers while contributing code independently
- Experience designing and building detection frameworks and processes
- Experience managing and measuring security efficacy of detections
- Experience managing and measuring cost efficiency of detection frameworks
- Deep understanding of networking security principles and flows
- Experience leading Agile development teams, preferably with formal Agile training
- Understanding of the Arctic Wolf service delivery model
- Experience with the Arctic Wolf detection framework and infrastructure
- Commitment to continuous learning and skills development
- B.Sc. in a technical field (CS, CE, EE, Math, Physics, etc.) with M.Sc./PhD preferred