Cybersecurity Researcher (Threat Analysis and Detection …, Singapore

Acronis protects every workload — from endpoints to cloud — through the industry's only all-in-one cyber protection platform. Our Threat Research Unit (TRU) sits at the center of that mission: we hunt adversaries, dissect campaigns, and build the detection logic that keeps millions of systems safe. We're looking for a Cybersecurity Researcher (Labs) who thrives on outsmarting threat actors and has the autonomy to pursue original research and present findings to the broader security community.

• Research adversary tactics, techniques, and procedures (TTPs) and translate them into detection and prevention capabilities for Acronis Security and EDR products.
• Analyze malicious and benign content — executables, scripts, documents, memory dumps, network traffic, exploit chains — to identify indicators and behavioral patterns.
• Develop, tune, and maintain detection logic, signatures, and behavioral rules across multiple expression languages and rule formats.
• Monitor and improve automated detection pipelines to maintain high efficacy and low false-positive rates.
• Track emerging threats through open-source intelligence, telemetry analysis, and threat feeds to ensure coverage keeps pace with the landscape.
• Collaborate with scan engine and product engineering teams on joint research projects and new security features.
• Publish original research through blog posts, whitepapers, and conference presentations.

• Deep understanding of modern attack techniques, common malware families, OS internals (Windows required; macOS and Linux are a plus), and network protocols.
• 5+ years of hands‑on experience in malware analysis (static, dynamic, behavioral), detection engineering, threat hunting, incident response, or insider threat investigation.
• Proven ability to develop detection logic — YARA, Sigma, EQL, KQL, custom behavioral signatures, or other formats.
• Comfortable working with threat intelligence platforms and frameworks: VirusTotal, Shodan, MISP, MITRE ATT&CK, or similar.
• Software development skills in Python; familiarity with REST APIs, SQL, and regex. C/C++ is a plus.
• Strong analytical thinking, relentless curiosity, and motivation to succeed in a fast‑paced, distributed environment.
• Solid written and spoken English.
• Nice to have: proactive threat hunting using EDR/XDR platforms; background at a security vendor or on a dedicated threat intelligence team; familiarity with machine learning approaches to threat detection; network traffic analysis skills (Wireshark, Zeek); published security research or conference talks.

Please submit your resume and application in English.

Acronis is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, marital status, national origin, physical or mental disability, medical condition, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, gender identity or expression, or any other characteristic protected by applicable laws, regulations and ordinances.