Senior Cybersecurity Researcher

5-7 Years • Cyber Security

Job Summary

Fortra is seeking a seasoned Senior Cybersecurity Researcher to join their cyber defense team. This hands-on role focuses on detection engineering, enhancing capabilities across Data Loss Prevention (DLP) and Endpoint Detection & Response (EDR) platforms. The mission involves proactively hunting for, identifying, and building high-fidelity detections to stop advanced threats and prevent data exfiltration. The ideal candidate excels at reverse-engineering application behavior, understanding data movement, and building robust rules to counter attackers.
Must have:
  • Design, develop, test, and maintain sophisticated detection rules and policies within EDR and DLP solutions.
  • Conduct deep-dive analysis of application, operating system, and network behaviors using tools like Procmon, Sysmon, and Wireshark.
  • Proactively hunt for advanced persistent threats (APTs), insider threats, and novel data exfiltration techniques.
  • Utilize Python, JSON, and XML to create, manage, and automate detection logic, policies, and response actions.
  • Develop and map detection logic against industry-standard frameworks, with a heavy emphasis on the MITRE ATT&CK framework.
  • Act as a senior technical escalation point for the Security Operations Center (SOC), providing expert analysis on complex alerts and security incidents.
  • 5-7+ years of experience in Detection Engineering, Threat Hunting, or Senior SOC Analyst roles.
  • Expert-level, hands-on experience with a major EDR platform or enterprise DLP solution.
  • Strong proficiency in Python, JSON, and XML for building and managing detection logic.
  • Demonstrated expertise in profiling applications and system-level processes using Sysmon and Sysinternals suite.
  • Deep, practical understanding of modern data exfiltration techniques and the attacker lifecycle.
  • Proven ability to apply the MITRE ATT&CK framework to threat modeling and detection engineering.
  • Self-starter mentality with ability to operate independently and drive projects to completion.
Good to have:
  • Relevant industry certifications (e.g., GIAC GCIH, GCFA, GREM, CISSP).
  • Experience with cloud environments (AWS, Azure, GCP) and their native security tooling.
  • Proficiency with SIEM query languages like Splunk SPL or Kusto Query Language (KQL).
  • Experience with macOS.
  • Experience with network forensics and packet analysis.
  • Contributions to the security community (e.g., open-source tool development, research papers, blog posts).
Perks:
  • Competitive benefits and salaries
  • Personal and professional development opportunities
  • Flexibility

Job Details

Whether you’re an experienced professional or just getting started, your contributions matter at Fortra. If you’re passionate about tackling meaningful challenges alongside talented team members committed to helping each other succeed, all while having lots of fun, we want to hear from you. We offer competitive benefits and salaries, personal and professional development opportunities, flexibility, and much more!

At Fortra, we’re breaking the attack chain. Ready to join us?

Fortra is looking for a seasoned and proactive Senior Cybersecurity Researcher to join our front-line cyber defense team. This is a critical, hands-on role for a technical expert who can hit the ground running with detection engineering. You'll be responsible for engineering and enhancing our detection capabilities across both our Data Loss Prevention (DLP) and Endpoint Detection & Response (EDR) platforms.

Your mission will be to proactively hunt for, identify, and build high-fidelity detections to stop advanced threats and prevent data exfiltration. If you excel at reverse-engineering application behavior, understanding how data moves, and building robust rules to stop attackers in their tracks, this role is for you.

WHAT YOU'LL DO

  • Build & Tune Detections: Design, develop, test, and maintain sophisticated detection rules and policies within our EDR and DLP solutions to identify malicious activity and data exfiltration patterns.
  • Technical Analysis: Conduct deep-dive analysis of application, operating system, and network behaviors. You'll use tools like Procmon, Sysmon, Wireshark, and others to understand underlying functions and identify opportunities for detection.
  • Threat Hunting: Proactively hunt for advanced persistent threats (APTs), insider threats, and novel data exfiltration techniques across the enterprise.
  • Code & Automate: Utilize Python, JSON, and XML to create, manage, and automate detection logic, policies, and response actions.
  • Framework Alignment: Develop and map detection logic against industry-standard frameworks, with a heavy emphasis on the MITRE ATT&CK framework, to ensure comprehensive coverage of adversary tactics and techniques.
  • Incident Response Support: Act as a senior technical escalation point for the Security Operations Center (SOC), providing expert analysis on complex alerts and security incidents.
  • Mentorship: Mentor junior analysts and engineers, sharing your expertise in threat detection and system analysis to elevate the team's overall capability.
  • Other duties as assigned.

QUALIFICATIONS

  • 5-7+ years of experience in a senior cybersecurity role such as Detection Engineering, Threat Hunting, or a Senior SOC Analyst position.
  • Expert-level, hands-on experience with either a major EDR platform or an enterprise DLP solution.
  • Strong proficiency in scripting and data interchange formats, specifically Python, JSON, and XML, for building and managing detection logic.
  • Demonstrated expertise in profiling applications and system-level processes using tools like Sysmon and the Sysinternals suite (Procmon, ProcExp, etc.).
  • A deep, practical understanding of modern data exfiltration techniques (e.g., DNS tunneling, data staging, hiding in legitimate traffic) and the attacker lifecycle.
  • Proven ability to apply the MITRE ATT&CK framework to threat modeling and detection engineering in a practical, measurable way.
  • A self-starter mentality with the ability to operate independently and drive projects to completion with minimal supervision.

PREFERRED QUALIFICATIONS

  • Relevant industry certifications (e.g., GIAC GCIH, GCFA, GREM, CISSP).
  • Experience with cloud environments (AWS, Azure, GCP) and their native security tooling.
  • Proficiency with SIEM query languages like Splunk SPL or Kusto Query Language (KQL).
  • Experience with macOS.
  • Experience with network forensics and packet analysis.
  • Contributions to the security community (e.g., open-source tool development, research papers, blog posts).

About The Company

At Fortra, we’re not just responding to cyber threats but anticipating them, planting obstacles, and breaking the attack chain. Fortra is a global cybersecurity company offering advanced offensive and defensive security solutions that deliver comprehensive protection across the cyber kill chain. Armed with a team of passionate experts driven by a shared purpose, we work together to empower our clients with the tools, intelligence, and expertise to safeguard what matters most. Fortra provides equal opportunity to all employees and applicants without regard to race, color, creed, religion, national origin, sex, sexual orientation, disability, genetic information, status as a covered veteran, age, marital status, membership or activity in a local human rights commission, status with regard to public assistance or any other protected characteristic.
