Find Your Next Career
Golang Developer (3 to 5yrs)
Staff Software Engineer
Sr. Software Engineer
Senior Software Engineer
Desktop Support Engineer
Software Development Engineer UI
Software QA Engineer
Security Researcher
SDET (Python, Playwrite)
Associate SDET (Python, Core Java)
SDET
SDET
SDET
Staff Software Development Engineer in Test
Staff Software Development Engineer
Senior Security Researcher
Senior Software Development Engineer
Senior Staff Security Researcher
Staff UI Developer ( ReactJs + AWS )
SDET
DevOps/Senior Software Engineer
Strategic Sourcing Specialist (Procurement)
Enterprise Account Manager - Turkey
Senior Software Development Engineer
Senior Product Manager
Senior Machine Learning Engineer
Senior Data Scientist
Software Development Engineer
Sr Software Development Engineer
Sr. Solution Consultant
Staff Software Development Engineer in Test
Senior Software Development Engineer in Test
Software Development Engineer in Test
Sr Staff Security Researcher - EDR
Associate Solutions Consultant
Senior Software Development Engineer
Software Architect
Director, Technical Marketing, Network Security
Technical Support Engineer - German Speaking
Sr. Software Development Engineer
Deal Desk Analyst (Japanese language)
Enterprise Account Manager - Public Sector
Software Sales Engineer
Software Sales Engineer
Software Development Engineer (C++, Linux)
Senior Product Manager II - Security Platform
Software Development Engineer
Site Reliability Engineer
Solution Consultant
Pricing Specialist
View all jobs

Security Researcher

ID: JR0035716

India, Bangalore

Apply Now

Job Title:

Security Researcher

About Trellix:

Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions.
We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at https://www.trellix.com/.

Role Overview:

We’re looking for a Email Security Researcher to join our Email Security Research Team. In this role, you will focus on identifying and mitigating advanced email-borne threats—spam, Business Email Compromise (BEC), vishing, and targeted impersonation campaigns. You’ll leverage open-source and commercial tools, develop detection rules, and collaborate with global SOC teams to continuously improve our email threat-detection capabilities.

Key Responsibilities

  • Threat Analysis & Hunting:

    • Review large volumes of email traffic to identify malicious patterns, emerging spam campaigns, BEC tactics, vishing attempts, and impersonation fraud.

    • Perform root-cause analysis on incidents and produce actionable intelligence.

  • Rule Development & Tuning:

    • Author and maintain detection signatures in Snort, YARA, ClamAV, and SpamAssassin.

    • Optimize rule performance to minimize false positives/negatives.

  • Automation & Tooling:

    • Develop Python scripts and serverless functions (AWS Lambda or GCP Cloud Functions) to automate email parsing, feature extraction, and alerting.

    • Integrate detection engines into SIEM and SOAR platforms.

  • Collaboration & Reporting:

    • Work closely with SOC analysts, incident responders, and product teams to triage alerts, refine workflows, and deploy new detection logic.

    • Communicate findings and recommendations through clear technical reports and dashboards.

  • Continuous Improvement:

    • Stay current on attacker tactics (TTPs), new phishing/vishing toolkits, and protocol-level evasion techniques (e.g., sender forging, DMARC bypass).

    • Contribute to threat-intel feeds and internal knowledge bases.

Basic Qualifications

  • Experience: 5-8 years total with 3–5 years in email security research or detection engineering, with a focus on spam, BEC, vishing, and impersonation.

  • Tools & Technologies:

    • Rule engines: Snort, YARA, ClamAV, SpamAssassin

    • Scripting: Python (experience with email libraries—imaplib, email, etc.)

    • Cloud platforms: AWS or GCP (Lambda/Functions, serverless compute, storage)

  • Email Protocols & Forensics: Proficient with SMTP, MIME, DKIM, DMARC, SPF, and email header analysis.

  • Analytical Skills: Strong capability to sift through raw logs and MIME bodies to uncover malicious indicators.

  • Communication: Clear written and verbal skills to document findings for technical and non-technical audiences.

Preferred Qualifications

  • Machine Learning & Analytics: Hands-on experience applying ML or statistical methods to email threat detection (e.g., feature engineering, anomaly detection, clustering).

  • Global SOC Environment: Prior work in a 24×7 Security Operations Center supporting multi-region email volumes.

  • Threat Intelligence Integration: Familiarity with integrating open-source or commercial intel feeds into detection pipelines.

  • Scripting & Infrastructure as Code: Experience with Terraform, CloudFormation, or similar for automated deployment of detection infrastructure.

Company Benefits and Perks:

We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

  • Retirement Plans

  • Medical, Dental and Vision Coverage

  • Paid Time Off

  • Paid Parental Leave

  • Support for Community Involvement

We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Apply Now
Share This Job