Phishing Threat Researcher
Job Summary
Job Description
The Phishing Threat Researcher role involves investigating phishing campaigns, validating false negatives and false positives, and supporting data science teams in dataset generation and labeling. The ideal candidate will be hands-on, analytical, and capable of bridging the gap between threat intelligence and machine learning engineering. Responsibilities include investigating phishing incidents, analyzing samples to produce reports, collaborating with the Data Science team, monitoring emerging phishing trends and creating documentation.
Must have:
- 5+ years of experience in threat research.
- Strong understanding of phishing tactics (BEC, Social Engineering).
- Experience analyzing phishing emails and web payloads.
- Comfort with Linux, shell scripting, and CLI-based workflows.
- Proficiency in Python for scripting and data analysis.
- Familiarity with email header analysis (SPF, DKIM, DMARC).
- Exposure to machine learning ecosystems and terminology.
- Excellent written communication skills.
- Familiarity with YARA rules and detection logic.
Good to have:
- Experience working in a SOC or threat hunting.
- Past contributions to threat intelligence or reverse-engineering.
12 skills required
Job Details
Phishing Threat Researcher
The Company: Varonis (Nasdaq: VRNS) is a leader in data security, fighting a different battle than conventional cybersecurity companies. Our cloud-native Data Security Platform continuously discovers and classifies critical data, removes exposures, and detects advanced threats with AI-powered automation.
Thousands of organizations worldwide trust Varonis to defend their data wherever it lives — across SaaS, IaaS, and hybrid cloud environments. Customers use Varonis to automate a wide range of security outcomes, including data security posture management (DSPM), data classification, data access governance (DAG), data detection and response (DDR), data loss prevention (DLP), and insider risk management.
The Role: We are seeking a Phishing Threat Researcher. This role focuses on investigating phishing campaigns, validating FNs & FPs, and supporting our data science teams in dataset generation and labeling. The ideal candidate should be hands-on, analytical, and capable of bridging the gap between threat intel and ML engineering.
The Requirements:
- 5+ years of experience in threat research, ideally in cybersecurity, fraud, or related risk-focused domains
- Strong understanding of email phishing tactics (BEC, Social Engineering and Phishing Links), SMTP, URL analysis, and brand impersonation techniques.
- Experience analyzing phishing emails and web payloads (screenshots, HTML, redirections, credential harvesting flows).
- Comfort with Linux, shell scripting, and CLI-based investigation workflows.
- Proficiency in Python for scripting and quick data analysis.
- Familiarity with email header analysis (SPF, DKIM, DMARC etc.).
- Exposure to machine learning ecosystems and terminology—enough to communicate intelligently with ML engineers and understand model behavior.
- Excellent written communication skills for generating threat reports and explaining complex technical findings to internal and external stakeholders.
- Familiarity with YARA rules, regular expressions, and detection logic.
Nice to Have:
- Experience working in a SOC, handling abuse inboxes, or threat hunting workflows.
- Past contributions to threat intelligence or reverse-engineering phishing kits.
The Responsibilities:
- Investigate complex phishing incidents seen in a customer environment or discovered in the wild
- Analyze phishing samples and produce detailed reports on attack vectors, payloads, and social engineering techniques.
- Collaborate with the Data Science team by labeling phishing samples, evaluating model outputs, and suggesting edge cases for improvement.
- Monitor emerging phishing trends and build internal datasets and synthetic test
scenarios using GenAI
- Create documentation and playbooks to enable repeatable, high-quality analysis and triage.
We invite you to check out our Instagram Page to gain further insight into the Varonis culture!
@VaronisLife
Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics
Similar Jobs
DataVisor
Vancouver, British Columbia, Canada (Remote)
• 4 Months ago
bytedance
San Jose, California, United States (On-Site)
• 6 Months ago
San Bruno, California, United States (On-Site)
• 4 Months ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Rippling
San Francisco, California, United States (On-Site)
• 4 Months ago
bytedance
Ho Chi Minh City, Ho Chi Minh City, Vietnam (On-Site)
• 6 Months ago
Stackblitz
San Francisco, California, United States (Remote)
• 4 Weeks ago
Get notifed when new similar jobs are uploaded
Jobs in United States
hogarth
Sunnyvale, California, United States (Hybrid)
• 2 Months ago
Open Systems Technologies
Ann Arbor, Michigan, United States (On-Site)
• 2 Months ago
whoop
Boston, Massachusetts, United States (On-Site)
• 2 Months ago
Get notifed when new similar jobs are uploaded
Research Development Jobs
USE Insider
Istanbul, İstanbul, Türkiye (Remote)
• 4 Weeks ago
Morning Star
Mumbai, Maharashtra, India (Hybrid)
• 2 Months ago
C3 IoT
Redwood City, California, United States (On-Site)
• 1 Month ago
Illumina
Singapore, Singapore (Hybrid)
• 2 Months ago
bytedance
Seattle, Washington, United States (On-Site)
• 9 Months ago
Get notifed when new similar jobs are uploaded
