Cyber Security Researcher
Job Description:
We are seeking a technically strong and curious Cyber Security Researcher to join our Security Operations Center (SOC) team. This role involves researching evolving cybersecurity techniques, tools, and standards, and translating those insights into technical solutions, PoCs, and operational enhancements.

You will collaborate with Product Managers, SOC Analysts, and Development teams to support the design and improvement of detection logic, security workflows, and platform capabilities. If you're passionate about diving into academic research, security frameworks, and experimenting with PoCs, this role is for you.
Key Responsibilities:
- Conduct structured research on cyber defense strategies, adversary tradecraft (e.g., MITRE ATT&CK TTPs), and modern detection methodologies, including IDS/IPS tuning, packet analysis, and behavior-based analytics.
- Analyze and synthesize content from technical research papers, threat intelligence feeds, vulnerability databases (e.g., CVE, CWE, CAPEC), and industry standards (e.g., NIST, ISO, CISA advisories).
- Develop and validate Proof-of-Concepts (PoCs) for detection logic, telemetry enrichment, security automation workflows, or EDR/SIEM rule tuning using tools like YARA, Sigma, Zeek, Wazuh and Suricata.
- Translate complex cybersecurity research into actionable feature requirements and detection enhancements in collaboration with Product Management.
- Collaborate with Engineering and SOC teams to design, test, and deploy detection pipelines, log ingestion rules, and enrichment mechanisms in platforms such as Splunk, ELK, or Microsoft Sentinel.
- Prepare clear and concise technical documentation, detection logic explainers, internal advisories, and research briefs for engineering and SOC consumption.
- Maintain and enhance internal detection rulesets, enrichment scripts, and threat response content in line with evolving threat landscapes and platform capabilities.
- Continuously align detection content and SOC workflows with industry frameworks such as MITRE ATT&CK, D3FEND, NIST 800-53/800-61, and ISO/IEC 27001.
- Present research findings and detection strategies to cross-functional teams, demonstrating strong written and verbal communication skills.
Qualifications:
- Bachelor's/Master's/PhD degree in Cybersecurity, Computer Science, Information Technology, or a related technical field.
- 3+ years in a cybersecurity-focused role, including internships, research projects, or academic contributions.
- Strong knowledge of core cybersecurity domains:
  - Network security (TCP/IP, IDS/IPS, packet analysis).
  - Operating system internals (Windows/Linux security primitives).
  - Security controls (IAM, encryption, logging, EDR/SIEM integrations).
- Familiarity with detection and investigation tooling such as:
  - YARA, Sigma, Suricata, OSQuery, Zeek, Wazuh.
  - SIEM platforms (e.g., Splunk, ELK, Microsoft Sentinel).
  - EDR tools (e.g., CrowdStrike, Defender for Endpoint).
- Understanding of data formats (JSON, YAML), REST APIs, and basic log analysis.
- Strong documentation and presentation skills: ability to explain complex technical topics in a structured manner.
- Familiarity with CVE databases, CWE, CAPEC, and vulnerability scoring systems (CVSS) is a plus.
Preferred Qualifications:
- PhD candidates will be preferred.
Company Profile
Department of Science and Technology to drive technology development, technology translation, entrepreneurship development, human resource, and skill development on Cyber-Physical Systems
Apply Now
- Interested candidates are requested to apply for this job.
- Recruiters will evaluate your candidature and will get in touch with you.