Lead Security Researcher

Qualys is seeking experienced threat researchers to identify and analyze emerging cyber threats. You will be instrumental in producing original research publications and collaborating with engineering teams to provide valuable insights and feedback into a wide array of Qualys products. As a member of the Qualys Threat Research Team, you will contribute to solving complex security challenges using innovative methods. The team focuses on leading research into adversary attack tactics, techniques, threat actor groups, and campaign activities. Key outputs include creating security content for Qualys products, authoring blog posts, and delivering conference presentations based on research into the latest adversary TTPs. You will also work closely with security, malware research, product, and engineering teams to develop advanced protection strategies against evolving cybersecurity threats.

Responsibilities:

• Monitor, analyze, and research emerging cyber threats, vulnerabilities, and exploits to discover novel TTPs and their associated mitigations.
• Produce and test rules for threat hunting and data enrichment (e.g., Yara).
• Analyze the threat attack life-cycle, including behavior, modus operandi, and objectives.
• Employ a comprehensive approach involving intelligence collection, signature creation, and initial malware analysis.
• Research new methods and technologies for detecting cyber threats, identifying signals, and designing strategies to leverage these signals for threat and breach identification.
• Develop tools to automate and scale detection and response activities.
• Write detailed technical blog posts detailing discovered threats and TTPs.
• Collaborate with other teams to develop and integrate cross-product intelligence.

Educational Qualifications:

• B.E./B.Tech/M.Tech in Computer Science, MCA, or MCS from a reputable institution.
• Certifications in Computer Security domains are desirable.

Experience:

• 7 years of relevant technical experience.

Technical Qualifications:

• Expertise in MITRE ATT&CK framework and EDR/XDR technologies.
• Proven experience in threat hunting, incident response, or security operations.
• Proficiency with common threat intelligence tools (e.g., VirusTotal, Shodan).
• Solid understanding of security controls, forensics, kill chain analysis, risk assessment, and security metrics.
• Ability to perform initial static and dynamic malware analysis.
• Understanding of reverse engineering techniques.
• Knowledge of networking and the TCP/IP stack.
• Proficiency in programming or scripting languages.
• Knowledge of networking protocols and application file formats (e.g., PDF, Office files), and operating system internals.

Soft Skills:

• Excellent written and verbal communication skills.
• A 'can-do' attitude and strong problem-solving abilities.
• Adaptability to changing priorities and the ability to quickly develop innovative solutions.
• Initiative and ability to work with minimal supervision.
• Serve as a subject matter expert in your area of expertise.