Company Overview:
Trellix is a global company redefining the future of cybersecurity. The company's open and native AI-powered security platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Trellix's security experts, along with an extensive partner ecosystem, accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 business and government customers.
About the Role:
- Lead reverse engineering and analysis efforts to detect and counter sophisticated attacks, with a focus on kernel-level analysis across Windows, Linux, and macOS.
- Conduct in-depth research on attacker campaigns and techniques to inform detection strategy and improve customer protection.
- Develop and optimize detection rules for behavior-based detection engines, leveraging deep knowledge of OS internals and assembly-level analysis.
- Demonstrate a strong understanding of cybersecurity threats and attack techniques, including the MITRE ATT&CK framework.
- Collaborate with cross-functional teams to drive exceptional customer experiences and ensure comprehensive protection.
- Design and implement advanced alerting, reporting, and automated detection solutions.
- Stay current on emerging threats and attack techniques to continuously strengthen detection strategies.
- Engage directly with customers to solve their operational issues.
- Monitor system health status for internal infrastructure.
About You:
- 9+ years in cybersecurity research with a proven track record in threat research and detection.
- 5+ years of in-depth understanding of Windows, Linux, or macOS, with a focus on kernel-level analysis and system mechanisms.
- 5+ years of experience with Web / Email / Network Security or related fields, capable of both static and dynamic analysis.
- 5+ years of experience with AWS or GCP.
- 5+ years of experience with SQL.
- 5+ years of experience with log management systems, such as Splunk.
- 5+ years of experience with an automation rule authoring system, such as Drools.
- Strong experience in programming or scripting languages (e.g., Python, PowerShell) for automation and analysis.
- Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques.
- Previous experience in engaging directly with customers.
- Previous experience in efficacy evaluation for monitoring automation quality.
- Previous experience with 3rd party Anti-Virus software performance tests.
- Good knowledge of security partners in the field.
- Ability to speak a second language in addition to English is preferred.
- Proven leadership in driving complex projects and initiatives, with demonstrated ability to effectively manage multiple priorities and deadlines.
- Demonstrated ability to mentor and develop junior researchers, fostering technical growth and skill development.
- Excellent verbal and written communication skills in English, with the capability to clearly and effectively convey complex technical concepts.
- Ability to work with a global team, across EMEA, North America, and APAC.
- Ability to perform on-call duties.
Company Benefits and Perks:
We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.