About the Team

You will be a member of Netskope Threat Labs, a globally distributed team of security researchers and subject matter experts working together to solve today’s security challenges in new and innovative ways. The primary output of the Threat Labs Team is thought leadership (intelligence, patents, blog posts, reports, conference presentations, webinars, and podcasts) and product improvements (new features, protections against new threats). The Threat Labs Team collaborates closely with the executive, cybersecurity, corporate communications, and marketing teams on thought leadership initiatives, as well as with the product, engineering, and data science teams on product improvements.

Job Overview
We are seeking a seasoned Senior Threat Researcher with deep technical expertise in web, network, and cloud threats to join our globally recognized research team. You will be at the core of our threat hunting and intelligence operations, analyzing a massive and diverse data lake of global telemetry from network, web, and cloud environments to uncover emerging threats, including sophisticated phishing campaigns, compromised devices, and attacks targeting or abusing cloud infrastructure.

The ideal candidate is driven by a desire to make a tangible impact, not just for our customers, but for the entire security community. You will work closely with internal product and engineering teams to ensure that your insights translate into practical defensive measures for our customers, enhancing existing product features and driving innovation. A critical part of this role is sharing your findings with the world. We are seeking a strong communicator who can effectively translate complex, multi-stage attacks into compelling narratives for both the security community and the general public. You will be a key voice in our thought leadership efforts, sharing your research through technical blog posts, in-depth reports, conference presentations, and collaborations with industry partners. You’ll work closely with product management, marketing, and PR to ensure our innovations and insights reach the global stage, helping to make the Internet a safer place.

Key Responsibilities

• Web, Network, and Cloud Threat Analysis: Conduct in-depth investigations into multi-stage threats spanning web, network, and cloud environments. Analyze network traffic, API traffic, and cloud service logs to identify malicious patterns, adversary infrastructure, and attacks.
• Threat Hunting: Use our data platform and advanced analysis tools (e.g., Jupyter, Looker, Spark, SQL) to query and interrogate vast datasets of telemetry, identifying trends and emerging attack techniques that evade traditional defenses.
• Threat Landscape Monitoring: Stay up-to-date with current and emerging threats, providing timely updates and recommendations for public communication.
• Intelligence Sharing & Collaboration: Actively participate in and contribute to the broader security community. Share indicators of compromise (IOCs) and tactical intelligence with trusted partners.
• Public-Facing Research: Author and publish high-impact technical blog posts, white papers, and research reports detailing your findings. Present your research at security conferences and webinars.
• Cross-functional Collaboration: Interface with PR, marketing, and executive teams to provide expert insights and analysis that will shape public communications, press releases, and reports related to cybersecurity trends.

Preferred Qualifications

• Data Analysis: Proficiency in data analysis, scripting, and statistical modeling using tools and languages such as SQL, Python (with libraries like Pandas), and Jupyter Notebooks.
• Community Involvement: Demonstrated experience in sharing intelligence with the security community (e.g., publications, conference talks, active participation in sharing groups).
• AI Model Enhancement: Experience collaborating with data science teams to improve the efficacy of AI-driven security models, providing expert-labeled data, validating model outputs, and providing the contextual understanding needed to detect novel threats in massive datasets.
• Machine Learning: Familiarity with machine learning concepts as they apply to threat detection and experience working with or validating AI-driven security alerts.
• Malware Analysis: Experience performing static and dynamic analysis on malware samples to determine their functionality, extract indicators of compromise (IOCs), and inform detection strategies.

Education

• BSCS or equivalent required, MSCS or equivalent strongly preferred

#LI-NN1