Threat Research Engineer (100% remote)

Threat Research Engineer (100% remote)

• 💰 Salary: $70,000-$95,000/year

• 🌎 100% remote

• 🕦 Full-time position, long-term

• ☑️ Contract of Employment, B2B or Employer of Record

We are seeking a Threat Research Engineer to join our client, an innovative cybersecurity company operating in a fast-paced, startup environment. This role will focus on researching emerging attack techniques, building scalable detection content, and helping enterprises strengthen their defenses in cloud and SaaS ecosystems. It is a hands-on, high-impact position that combines security research with engineering in modern, data-driven environments

Requirements

• Minimum 4-5 years of professional experience in threat research, detection engineering, or SOC operations

• Solid experience working with SIEM platforms (e.g., Splunk, Elastic, Microsoft Sentinel, QRadar) and strong background in Security Operations, including incident detection, investigation, and response.

• Proficiency in Python and/or Go (other programming languages a plus)

• Strong written and spoken communication skills, including the ability to document and present technical findings, and speak at conferences

• Proven background in developing and deploying detection content for SIEM, EDR, or cloud-native logging platforms

• Strong knowledge of attacker behavior and techniques (MITRE ATT&CK, red-team emulation, threat intel)

• Ability to create scalable detection rules using query and scripting languages (SQL, Sigma, KQL, Splunk SPL, Elastic DSL)

• Experience with large-scale data analysis (parsing, enriching, aggregating logs and telemetry)

• Familiarity with cloud security monitoring across AWS, Azure, and GCP

• Exposure to detection-as-code concepts and analytics platforms such as Elasticsearch, OpenSearch, or data lakes

Responsibilities

• Investigate and analyze novel attack methods in cloud, endpoint, and identity environments

• Design and implement detection pipelines that filter noisy telemetry and highlight meaningful security insights

• Write and maintain detection content, including queries, correlation rules, and enrichment logic

• Test and validate detection effectiveness using adversary simulation, dataset analysis, and red-team methodologies

• Partner with internal teams and customers to deliver tailored detection capabilities

• Contribute to incident response by providing threat detection and analysis expertise

• Produce documentation, research reports, and internal knowledge-sharing material

• Engage with the broader security community by sharing insights and contributing to best practices

• Speak at conferences and evangelize cutting-edge threat detection techniques and concepts

• Support the development of methodologies and frameworks for detection engineering within the organization

Get to know DevsData

We are a technology consulting company and a recruitment agency, delivering software solutions to clients from Europe and the US. We work 100% remotely, in an international team. We employ people with experience in international corporations as well as the ones from the best technical and business universities.

Find out more: https://devsdata.com