Staff Threat Research Engineer

Posted: 1 month, 4 weeks ago
Employment type: Full-time
Level: Lead
Category: Artificial Intelligence and Machine Learning
Company: Sumo Logic

Sumo Logic offers top-tier cloud monitoring, log management, and Cloud SIEM tools for web and SaaS apps, empowering businesses with real-time insights and high-quality software delivery.

Industry: Internet Software & Services
Company size: 251-1K
Founded: 2010

Description

  • Conduct applied and original threat research and translate findings into actionable detection logic.
  • Design, build, and refine detection content and validation pipelines with Threat Labs teammates.
  • Test threat detection logic in lab environments against real-world attacker behaviors.
  • Analyze malware, track infrastructure, and use honeypots to uncover novel attacker behaviors.
  • Investigate industry and adversary trends to identify emerging detection opportunities.
  • Maintain and expand Threat Labs’ research lab infrastructure.
  • Collaborate with product management and engineering to scope, prioritize, and improve detection campaigns.
  • Provide practitioner feedback to product and engineering teams to inform feature design and roadmap decisions.
  • Publish research findings, detection logic, and hunting guidance through blogs, talks, open source, and other public contributions.

Requirements

  • 12+ years of cybersecurity experience in roles such as senior/principal SOC analyst, threat hunter, purple team practitioner, incident responder, or detection engineer.
  • Demonstrated ability to turn threat research into actionable detections and incident response outcomes.
  • Experience conducting original or self-directed threat research that produced novel findings and actionable insights.
  • Broad knowledge of multiple technology stacks and curiosity to learn new platforms.
  • Deep experience with major public clouds such as AWS, Azure, or GCP, including cloud-native logs and telemetry.
  • Understanding of AI-targeted attack techniques such as data poisoning, model theft, or prompt injection, and familiarity with MITRE ATLAS.
  • Proven thought leadership through blogs, LinkedIn articles, or conference presentations.
  • Background in the cybersecurity vendor space and experience giving expert feedback to product and engineering teams.
  • Prior customer-facing technical experience in consulting, remote support, or advisory roles.
  • Hands-on familiarity with offensive security tools such as Atomic Red Team, Sliver, or Cobalt Strike.
  • Scripting or automation experience with Python, PowerShell, or similar tools.
  • Experience with Security Orchestration, Automation, and Response (SOAR) technology.
  • Recognized presence or active participation in the security community through X/Twitter, conferences, or open source.
  • Experience applying AI or machine learning to improve efficiency and automation across the detection rule development lifecycle.

Benefits

  • Expected annual base salary of $162,000 to $190,000.
  • Eligibility for bonus or commission plans for certain roles.
  • Access to company benefits offerings.
  • Opportunity to work on agentic AI-powered SIEM and log analytics at a security-focused platform company.
  • Work that contributes to protecting customers and the broader security community.
