Threat Detection Researcher

We're Vega! One of the fastest growing start-ups in Cybersecurity - redefining the limits of Security Analytics and Operations.

We've raised a $65M Series A from Cyberstarts, Accel, Redpoint and CRV, to build a platform that will become the new AI-Native operating system for the SOC. We're already making a huge impact on some of the world's largest companies - improving their detection, unlocking their data and saving them money. Want to join us and be a part of the journey? This is your chance!

We're looking for a Threat Detection Researcher to join our team and shape the future of threat detection. In this role, you'll be at the forefront of identifying and analyzing emerging threats, helping to shape the features of our Threat Detection platform. You'll be crafting detection logic and hunting strategies that enable security teams to identify and respond to advanced threats across their entire environment.

WHAT YOU WILL DO

• Develop and maintain a dynamic repository of detection logics for the Vega solutions, covering a wide range of data sources and environments, across the entire kill chain.
• Research common and newly-emerged attack vectors and tactics, to determine if and how can they be effectively monitored and detected.
• Perform visibility and detection assessments to develop accurate and valuable enhancement recommendations for Vega’s clients, and document the thought and assessment process to assist establishing automated capabilities for these efforts.
• Create organized threat hunting hypotheses and list of analyses, including guidelines, to continuously provide Vega’s clients with opportunities and ideas to perform proactive activities in their Vega solution.
• Help create alert-testing mechanisms and content for Vega’s solution demos, such as through creating and managing a lab environment to generate logs and evidence of real-life attack scenarios.
• Work closely with the product team to define user stories, identify common SecOps pain points, and explore feature opportunities.
• Support the creation of technical marketing materials, such as threat detection approaches and threat hunting blogs.

Requirements

WHAT YOU WILL BRING

• 5+ years of hands-on cybersecurity experience in SecOps, threat hunting, or incident response
• Deep understanding of the cyber threat landscape and attack methodologies
• Strong expertise in security log analysis and SIEM technologies
• Comprehensive knowledge of security controls across cloud, network, and endpoint environments
• Experience with multiple platforms (Windows, Linux, AWS, Azure, GCP)
• Proficiency in query languages such as SPL, KQL or SQL, and security analysts platforms
• Strong technical writing and documentation skills
• Fluent English communication skills (verbal and written)