CrawlJobs Logo

Threat Detection Researcher

wiz.io Logo

Wiz

Location Icon

Location:
Israel , Tel Aviv

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud. As the fastest-growing startup ever, Wiz is on a mission to help organizations secure cloud environments that will accelerate their businesses. Trusted by security teams all over the world, we have a proven track record of success and a culture that values world-class talent. Our Wizards from over 20 countries work together to protect the infrastructure of our hundreds of customers, including over 45% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We’re the leading player in a massive and growing market, but it’s still early enough for you to make a significant impact. At Wiz, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. Come join our team and help us create secure cloud environments that allow the best companies to move faster.

Job Responsibility:

  • Develop detections and tools to protect customers from cloud threats
  • Investigate attacks on cloud environments and malware targeting cloud workloads
  • Hunt and analyze real-world attacks and emerging cloud threats
  • Collaborate closely with the R&D team to transform research insights into product features
  • Work with customers in response to requests related to suspicious activity or potential incidents
  • Create best practices and security policies based on research findings
  • Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research

Requirements:

  • 6+ years of experience in security or threat research in which you conducted deep research with actionable conclusions and impacts
  • Intimate knowledge of OS internals (Windows/Linux) and networking
  • Familiarity with cloud services, Kubernetes, cloud environment architecture, and the major cloud providers (AWS, GCP, Azure)
  • Experience delivering security detections in customer-facing product(s)
  • The ability to learn independently, to be self-driven and goal-oriented
  • Excellent communication and teamwork skills

Nice to have:

  • Hands-on experience with malware analysis/reverse engineering/vulnerability research
  • Familiarity with notable threat actors and threat intelligence analysis
  • IR/red-team/threat-hunting experience

Additional Information:

Job Posted:
December 13, 2025

Icon
Wiz - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Threat Detection Researcher

Senior Product Manager – Threat Detection

As a Product Manager – Threat Detection, you will be responsible for driving the...
Location
Location
United States
Salary
Salary:
182000.00 - 219000.00 USD / Year
https://corelight.com/ Logo
Corelight
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years in a technical support, engineering, or security research role
  • 3+ years in networking in a product or practitioner role
  • 5+ years overall experience in cybersecurity, with a focus on network security and threat detection
  • Strong understanding of network protocols, network security principles, and intrusion detection methodologies
  • Experience with Zeek (Bro) and its applications within NDR and security operations
  • Experience with network forensics, packet analysis, and network-based anomaly detection
  • Strong analytical skills, with the ability to interpret and apply threat intelligence and attack frameworks (e.g., MITRE ATT&CK)
  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience
Job Responsibility
Job Responsibility
  • Develop and maintain a cutting edge detection engineering program via collaboration with Corelight Labs Research
  • Execute the product strategy for Corelight’s threat detection capabilities
  • Research adversary tactics, emerging network threats, and novel detection methodologies to improve the effectiveness of Corelight’s NDR solutions
  • Work closely with threat researchers, SOC analysts, and detection engineers to develop high-fidelity detection logic and optimize network threat intelligence
  • Analyze network protocols and traffic patterns to identify new ways to extract valuable security-relevant insights
  • Collaborate with engineering, UX, and security research teams to develop new features and improve the usability of Corelight’s threat detection tools
  • Contribute to open-source security initiatives, representing Corelight in the broader security community and helping drive innovation
  • Act as a technical liaison between customers, security teams, and internal stakeholders to ensure Corelight remains the gold standard for network evidence collection
  • Define, prioritize, and refine product requirements for threat detection capabilities, integrations, and intelligence applications
  • Develop detection content, documentation, and best practices for leveraging Corelight’s platform in threat hunting and incident response workflows
What we offer
What we offer
  • Equity
  • Additional benefits
  • Collaborative, inclusive, and growth-oriented culture
  • AI-assisted workflows
  • Machine learning models
  • Cloud security and SaaS-based solutions
  • Geographically distributed yet connected employee base
  • Fulltime
Read More
Arrow Right

Research Manager

We are building a world class and uniquely targeted team to drive research throu...
Location
Location
United States
Salary
Salary:
193000.00 - 248000.00 USD / Year
https://corelight.com/ Logo
Corelight
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Computer Science or Engineering, or equivalent experience
  • 2+ years of experience managing technical teams performing duties in the areas of security research, incident response, and/or DevOps concepts (e.g. sprint planning, delivery tracking)
  • 5+ years of hands-on experience in at least one technical field of information security
  • security research, and detection engineering are preferred
  • Working knowledge of detection engineering, incident response, and threat hunting
  • experience with Zeek, Suricata, YARA, one or more SIEMs are strongly preferred
  • Working knowledge of software engineering practices
  • experience with Jira, git, and GitLab CICD are strongly preferred
  • Working knowledge of networking concepts and network protocols such as TCP/IP, HTTP, TLS, DNS, Kerberos, SMB
  • Working knowledge of programming in at least two languages
Job Responsibility
Job Responsibility
  • Manage a team of security researchers and detection engineers responsible for investigating, creating, and maintaining detection capabilities, and developing associated software engineering tools
  • Collaborate closely with the rest of the Corelight Labs leadership team to devise, pursue & meet project goals and deadlines
  • Collaborate closely with the Corelight Products and Engineering teams to coordinate cross-team projects
  • Fulltime
Read More
Arrow Right

Senior Security Researcher - ITDR (Cortex)

We are looking for a Senior Security Researcher to join our Identity Threat Dete...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5 years’ experience with Active Directory security and identity related attacks
  • 2+ years of experience with Entra ID (formerly Azure AD) or SAAS application - Advantage
  • In-depth knowledge of the inner-workings of operating systems
  • In-depth Knowledge of network protocols, including but not limited to Kerberos, RPC, SMB, HTTP, SMTP, DNS, DHCP, etc
  • In-depth knowledge of enterprise infrastructure, including Active Directory, FW, VPN, Security products, etc
  • At least 2 Years of experience coding Python - Advantage
  • Strong knowledge of SQL language - Advantage
  • Experience with red-teaming / pentest of Entra ID - Advantage
  • Experience with machine learning / data analysis / cloud infrastructure / security - Advantage
  • Ability to drive and own projects from start to finish
Job Responsibility
Job Responsibility
  • Research the evolving threat landscape and develop advanced detections to protect SAAS, Cloud, on-premises, and hybrid identities
  • Focus on identifying and mitigating identity-related threats across networks, endpoints, and cloud environments, using statistical classification methods to build effective detection models and protecting customers at scale
  • Collaborate with cross-functional teams, validate detection concepts on real-world data, and continuously enhance detection capabilities to stay ahead of emerging threats
  • Research innovative methods for detecting targeted attackers operating in endpoints, networks, cloud and SAAS environments
  • Simulate real-world attacks in lab environments and conduct a deep analysis of the behavior
  • Develop and refine statistics-based classification algorithms and techniques to create and improve detection models
  • Research specific scenarios to enhance our model's capabilities
  • Collaborate within a diverse research group, improving our research processes and leading us to be a better team creating a better product
  • Stay informed on the latest APTs, attacker methodologies, and TTPs to ensure our models stay ahead of emerging threats
Read More
Arrow Right

Senior Engineer, Detection R&D

This role is responsible for enhancing detection coverage and methodology throug...
Location
Location
United States , Bethesda
Salary
Salary:
100400.00 - 166800.00 USD / Year
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
February 04, 2026
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • or equivalent experience and certifications
  • 6+ years of combined experience in detection engineering, red/purple teaming, security analytics, vulnerability management or cyber threat detection roles
  • 3+ years working with Splunk SIEM (Enterprise Security), CrowdStrike NG-SIEM, or developing UEBA/behavior-based threat detections
  • Hands-on experience with EDR tools such as CrowdStrike Falcon, MS Defender, Sentinel One, etc., and pen testing/vulnerability assessments
  • Proven ability to develop advanced detection content including correlation rules, behavioral analytics, and threat hunting queries
Job Responsibility
Job Responsibility
  • Provide mentorship for junior engineers and Detection Engineering resources
  • Conduct cyber threat detection methodology research aligned with cyber threat detection coverage gaps, threat modeling, and threat intelligence
  • Partner with CTI Team, Detection Engineering, Security Engineering and Security Architecture to develop behavior-based detections leveraging AI/ML and other methods
  • Develop prototype correlation searches, dashboards, reports and alerts within the SIEM, UEBA and Security Data Lake platforms
  • Share detection approaches, recommendations, developed analytics, and other products of detection research with CTI Teams, Detection Engineering and other teams as appropriate to inform detection development
  • Facilitate cross-team collaboration sessions to ideate and review detection use cases and detection methodologies
  • Document and share detection approaches for TTPs, threat models, and monitoring strategies using standard templates and methodologies
  • Collaborate with CTI Team, Detection Engineering, Security Architecture and Engineering teams to ensure detection coverage aligns with cybersecurity risks and business priorities
  • Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • Attend SCRUM and prioritization meetings to review and update deliverables
What we offer
What we offer
  • 401(k) plan
  • stock purchase plan
  • discounts at Marriott properties
  • commuter benefits
  • employee assistance plan
  • childcare discounts
  • medical coverage
  • dental coverage
  • vision coverage
  • health care flexible spending account
  • Fulltime
!
Read More
Arrow Right

Network Threat Support Specialist

The Network Threat Support Specialist will be actively integrated into a compute...
Location
Location
United States , Fort Meade or Columbia
Salary
Salary:
Not provided
gsconsultingllc.com Logo
GS Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must be a United States citizen
  • Position requires candidates to have the ability to obtain and maintain a background investigation
  • Bachelor's degree or equivalent military training
  • Experience discovering threats and/or anomalies in network data
  • Experience discovering and responding to network intrusions
  • Experience adjusting security controls to prevent malware and/or intrusion activity
  • Ability to produce formal documentation on analysis and assessments
  • Experience conducting analysis with DNI/DNR
  • Self motivated and willing to work with a team
  • The ability to appropriately manage individual schedule
Job Responsibility
Job Responsibility
  • Identify adversarial threats and activities against DoD and US government network
  • Analyze and discover threat and intrusion events
  • Leverage technical analysis capabilities to analyze malware and develop methods to defend against malicious activity
  • Respond to and analyze network intrusion and attack events
  • Characterize the capabilities of malware, document how to detect malware, and assess it’s impact
  • Analyze systems and networks of interest, identify network vulnerabilities, and create techniques to exploit networks
  • Write reports for customers based on research and analysis of cyber threat activities and techniques
Read More
Arrow Right

Threat Intelligence Analyst

As a Threat Analyst at UpGuard, you will be an integral member of our Threat Sca...
Location
Location
United States , Chicago
Salary
Salary:
120000.00 USD / Year
https://www.upguard.com Logo
UpGuard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Expertise in Open Source Intelligence: Strong understanding of OSINT methodologies with a focus on the open, deep, and dark web
  • Understanding of Software Development: Solid grasp of software development processes to deconstruct and interpret vulnerability disclosures effectively
  • Cross-Team Collaboration: Excellent communication skills to work with the Customer Success & Support teams, explaining capabilities and resolving customer issues
  • Independence and Initiative: A self-starter attitude with the ability to take ownership of tasks and drive them to completion independently or collaboratively
  • Technical Skills in Scripting: Proficiency in scripting languages such as Python, with the ability to learn and adapt to new programming languages as needed
Job Responsibility
Job Responsibility
  • Analyze Data Leaks: Process and assess incoming data feeds to identify whether customers have been impacted by data leaks
  • Contribute to Threat Intelligence Feeds: Enhance UpGuard’s proprietary threat intelligence feeds by researching and integrating new findings
  • Develop Vulnerability Detections: Build new product and vulnerability detections by reverse-engineering applications, analyzing vulnerability disclosures, and creating robust detection methodologies
  • Conduct Open Source Intelligence (OSINT) and Security Research: Focus heavily on identifying, analyzing, and interpreting open-source intelligence across the open, deep, and dark web to identify risks and vulnerabilities
What we offer
What we offer
  • Monthly Lifestyle subsidy: use this for financial, physical, and mental wellbeing
  • WFH set-up allowance: to ensure you have the right environment to work in, we will help you get set up within your first 3 months at UpGuard
  • $1,500 USD annual Learning & Development allowance: to support your career development all team members will be able to expense development opportunities against this allowance
  • Generous Annual Leave/PTO allowances: time to recharge your batteries
  • 18 weeks paid Parental Leave: irrespective of parenting role
  • Personal Leave allowance: this includes sick & carer’s leave
  • Fully remote working environment: while we have physical offices in Sydney & Hobart, we do not mandate compulsory attendance
  • Top-spec hardware: all team members will be provided with top-spec laptops for their roles
  • Personal device security & online privacy protection subsidy: UpGuard provides team members with a paid subscription to personal device security & online privacy protection platform
  • Generative AI subsidy: UpGuard provides paid subscriptions for all team members to access generative AI tools to support their work
  • Fulltime
Read More
Arrow Right

Senior Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location
Location
Poland , Gdańsk
Salary
Salary:
256000.00 - 342000.00 PLN / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • Experience with AWS, GCP, or similar cloud platforms
  • Experience in building and delivering projects from start to finish
  • Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution. Participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location
Location
Poland , Gdańsk
Salary
Salary:
184500.00 - 246000.00 PLN / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience: 3+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Technical Skills: Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • experience with AWS, GCP, or similar cloud platforms
  • Project Management: Experience in building and delivering projects from start to finish
  • Specialization: Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Community Engagement: Contributions to the security community or open source projects
  • Communication: Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution
  • participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
What we offer
  • Health and wellbeing resources
  • paid volunteer days
  • equity
  • bonuses
  • commissions
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy