Threat Hunting Researcher

Vega is one of the fastest-growing startups in cybersecurity, redefining security analytics and operations with an AI-native platform for the SOC. We are building the next-generation operating system for security teams. Vega is already delivering real impact at some of the world’s largest organizations - improving detection, unlocking the value of their security data, and reducing cost and complexity. With HQs in New York and TLV, we're looking for people who want to be a part of the next rocket-ship in cyber.

We're looking for a Threat Hunting Expert to join our team and shape the future of threat detection. In this role, you'll be at the forefront of identifying and analyzing emerging threats, helping to shape the features of our Threat Detection platform. You'll be crafting detection logic and hunting strategies that enable security teams to identify and respond to advanced threats across their entire environment.

What You Will Do

• Work directly with customers to help them solve concrete security pain points and operational use cases using Vega, primarily during POVs and onboarding.
• Perform advanced threat hunting across customer datasets to identify meaningful security findings, including compromise evidence, exploitation indications, suspicious activities, and visibility or posture gaps.
• Build and evolve internal tools and AI-powered capabilities that support threat hunting, anomaly detection, and exploratory analysis.
• Translate immediate customer security needs into ad-hoc security content, including detections, threat hunting notebooks, and investigative workflows.
• Participate in customer-facing sessions alongside Sales Engineers and Technical Account Managers to present findings, explain security context, and walk through Vega’s capabilities and content.
• Deliver technical demonstrations, workshops, trainings, and hands-on sessions that show customers how to use Vega for their security workflows.
• Research emerging threats, including new CVEs and active campaigns, in collaboration with the CTI team, and translate them into immediate detections and threat hunting content.
• Publish public-facing technical content on threat hunting and SecOps, including blog posts, webinars, open-source tools, and research findings.
  
  

• At least 6 years of hands-on experience in security operations, threat hunting, incident response, or detection engineering, working with real production data.
• Strong hands-on experience investigating security events, performing advanced threat hunting, and identifying meaningful findings.
• Deep familiarity with common attack techniques, attacker behavior, and modern threat landscapes across endpoint, identity, network, cloud, and application environments.
• Comprehensive knowledge of security controls and security architectures across cloud, network, identity, application, and endpoint environments.
• Experience working with large-scale security datasets and performing exploratory analysis, anomaly detection, and investigative research.
• Ability to write efficient, readable code and scripts for analysis, automation, and internal tooling used by the team.
• Comfort working directly with customers in technical discussions, explaining findings, tradeoffs, and investigative approaches clearly and practically.
• Experience collaborating with product, engineering, or research teams to influence tooling, workflows, and platform capabilities.
• Strong written communication skills, with the ability to produce clear technical documentation and public-facing content when needed.
• Excellent English communication skills, both written and verbal.
• Curiosity and initiative to research emerging threats, new techniques, and evolving attacker behavior, and apply that research in practice.