Senior Researcher

Endpoint, Identity, AI & Research

Tel Aviv (HaShalom) | Hybrid Working Model

About Us

We are an early-stage cybersecurity startup building foundational endpoint security technology at the intersection of identity, behavior, and AI.

We focus on hard security problems: real attackers, real constraints, and detection systems that must work at scale, under pressure. Our team values deep technical thinking, strong opinions, and pragmatic execution. If you enjoy conducting deep security research and building detection content that prevents real threats, and working alongside top-tier engineers who do the same, this role is for you.

The Role

We are hiring a Senior Detection Engineer with deep, hands-on experience in endpoint telemetry, security research, and threat detection.

You will operate at the intersection of security research and product engineering. Your primary objective is to research novel attack vectors and translate those findings into robust, production-grade detections and content that power our core security products and engines.

You will have substantial influence over our detection architecture, research priorities, and the security content we ship, with a critical focus on building advanced detection capabilities across diverse endpoint environments, particularly Linux and macOS.

What You’ll Do

• Deliver core detection content: Design, implement, and maintain advanced detection capabilities that are shipped directly into our security products.
• Conduct original security research: Investigate advanced attacker techniques, OS-specific evasion methods, and exploit primitives across Windows, Linux, and macOS.
• Productize threat intelligence: Translate complex threat intel and your own original research findings into actionable, high-fidelity detection logic for our customer base.
• Build detections based on deep OS internals, endpoint telemetry, and behavioral signals.
• Analyze real-world attacks and evasion techniques to uncover blind spots and improve the overall detection, prevention, and resilience of our products.
• Collaborate closely with product and core engineering teams to close detection gaps and shape the product roadmap.

What We’re Looking For

• 6+ years of experience in detection engineering, security research, or endpoint security product development.
• 3+ years of experience working in a cybersecurity product company.
• Proven track record in security research, malware analysis, reverse engineering, or deep-dive OS internals.
• Hands-on experience writing, maintaining, and operationalizing Sigma / Yara rules.
• Deep, hands-on understanding of Linux and macOS internals, native telemetry (e.g., Auditd, eBPF, Endpoint Security Framework), and OS-specific attack vectors.
• Deep understanding of attacker techniques, TTPs, and real-world intrusion patterns.
• Experience writing and tuning complex detection logic (behavioral rules, analytics, correlations) for broad deployment.
• Strong ability to reason logically about false positives, evasion techniques, and the performance impact of detection logic on endpoints.
• Excellent communication skills, including clear written and spoken English.