Senior Cybersecurity Researcher

About Cervello

Cervello is an advanced OT risk exposure platform designed to help organizations focus on what truly matters in complex industrial and critical environments. By combining deep network visibility, protocol intelligence, and AI‑driven analysis, Cervello identifies, prioritizes, and explains operational and cyber risks across OT and IT/OT convergence layers.

We are building a research‑driven product. Our cybersecurity researchers shape how Cervello understands networks, protocols, behaviors, and real‑world attack paths — turning raw data into actionable risk insight.

We are looking for a Senior Cybersecurity Researcher to lead deep technical research across OT networks, industrial protocols, and attack techniques. This role sits at the intersection of network security, protocol analysis, anomaly detection, and applied AI.

You will research how industrial networks behave, how they fail, and how they are attacked — and translate that knowledge into detection logic, policies, risk models, and AI‑assisted analysis within Cervello.

• Research OT, IT/OT, and industrial network architectures, including real‑world deployment patterns and constraints
• Analyze network traffic to understand normal vs. abnormal behavior across industrial and enterprise protocols
• Dissect, reverse‑engineer, and document standard and proprietary protocols at the packet and session level
• Design and validate detection logic and policies, ranging from deterministic rules to AI‑based and behavioral models
• Develop anomaly‑detection approaches for communications, assets, configurations, and operational workflows
• Identify and model attack scenarios, kill chains, and misconfiguration risks in OT environments
• Collaborate with product and engineering teams to translate research into product features and risk scoring
• Continuously explore and evaluate new technologies, protocols, and attack techniques relevant to OT security
• Innovate with AI/ML and LLM‑based approaches to enrich analysis, summarization, and prioritization of risk
• Conduct Red Team operations and comprehensive penetration testing targeting client networks, systems, operating systems, and applications.

• Network and protocol research that directly influences Cervello’s risk and impact models
• Policy frameworks for identifying exposure, unsafe behaviors, and operational risk
• AI‑assisted detection and reasoning engines for anomaly identification and risk explanation
• Advanced analysis of real customer traffic and environments (safely and ethically)
• New ways to represent and communicate risk across complex, interconnected systems

• 5+ years of experience in cybersecurity, network security, or security research
• Strong understanding of networking fundamentals (TCP/IP, routing, switching, segmentation, VLANs, etc.)
• Proven experience analyzing network traffic (e.g., PCAPs) and building detections from it
• Deep familiarity with security concepts such as attack surfaces, threat modeling, and adversary techniques
• Experience working with or researching industrial / OT protocols (or a strong ability to ramp up quickly)
• Ability to analyze and reverse‑engineer undocumented or proprietary protocols
• Hands‑on mindset with scripting or tooling
• Curiosity, creativity, and the ability to independently explore unfamiliar technologies



• Experience with OT/ICS environments, industrial automation, or critical infrastructure
• Background in anomaly detection, behavioral analytics, or applied machine learning
• Experience integrating AI or LLMs into security analysis workflows
• Publications, conference talks, or prior research roles
• Familiarity with graph‑based analysis or large‑scale data correlation

• Work on hard, unsolved problems at the intersection of OT, networking, and AI
• Influence a product at its core - your research directly shapes how risk is detected and prioritized
• Freedom to explore, experiment, and innovate
• Highly technical, collaborative team with a strong research culture
• Real‑world impact on the security and resilience of operational environments