Sr Staff Security Researcher – EDR

ID: JR0036092

Remote United States
Remote Canada

About Trellix:

Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions.
We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at https://www.trellix.com/.

Role Overview:

We are seeking a highly skilled and deeply technical Sr. Staff Security Researcher to join our research team and lead innovation in the detection capabilities of our EDR product. This strategic role combines hands-on research, reverse engineering, and detection development with architectural vision and cross-functional collaboration. You will investigate emerging attack techniques, design novel detection approaches, and help shape the future of our EDR platform. The role also includes opportunities to publish technical blogs, present at industry conferences, and contribute to community research—showcasing your work and advancing the broader security field.

Key Responsibilities

  • Lead efforts to reverse engineer sophisticated malware, identifying malicious code, obfuscation techniques, and communication protocols. 

  • Author advanced detection rules for behavior-based detection engines.

  • Conduct comprehensive research on attacker campaigns and techniques to support detection investments and enhance customer experience.

  • Develop and optimize generic threat detection strategies based on static and dynamic detection engines.

  • Drive innovation in EDR detection and prevention capabilities, identifying new research directions and turning ideas into production-grade features.

  • Demonstrate a strong understanding of cybersecurity threats, sophisticated attack techniques, and the MITRE ATT&CK framework.

  • Perform advanced proactive and reactive threat hunting to identify detection issues such as misses or misclassifications from large-scale datasets.

  • Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives).

  • Collaborate with cross-functional teams within the product organization including product management, engineering and research to drive exceptional customer experiences and ensure comprehensive protection.

  • Develop advanced alerting, reporting, and automated detection solutions.

  • Stay abreast of the latest cybersecurity threats, attack techniques, detection evasion tactics, OS features, and industry developments.

  • Build and maintain tools and automation to improve productivity and detection efficacy.

  • Utilize machine learning techniques to enhance threat detection and response capabilities.

  • Serve as a mentor to junior researchers, providing technical guidance and fostering a strong research culture.

  • Publish blogs, speak at security conferences, and engage with the security research community to share insights and elevate our team’s presence.

Qualifications

  • 10+ years of experience in security research, reverse engineering, malware analysis, or detection development using Snort, Yara, Sandbox, or proprietary detection engines.

  • 7+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools.

  • 7+ years of experience querying and analyzing large datasets.

  • Deep technical knowledge of modern attack techniques (e.g., process hollowing, reflective DLL injection, UAC bypass, credential dumping, network pivoting).

  • Strong familiarity with MITRE ATT&CK, threat modeling, and telemetry architecture.

  • Extensive hands-on experience with reverse engineering and debugging tools and techniques (e.g., IDA Pro, Ghidra, WinDbg, x64dbg).

  • Expertise in programming and scripting with C++ and Python, including production-level experience in shipping large-scale security or system software.

  • In-depth understanding of operating system internals (e.g., Windows system calls, ETW, kernel callback routines, WFP, and driver development).

  • Hands-on experience with vulnerability research, including fuzzing, binary diffing, mitigation bypass, and exploitation.

  • Demonstrated experience designing and delivering detection logic across multiple OSs (Windows/macOS/Linux) in a production EDR context.

  • Experience with applying machine learning techniques to cybersecurity problems.

  • Experience leading complex cross-functional security initiatives or projects.

  • Proven ability to mentor and develop junior researchers.

  • Strong communication and technical writing skills, with experience authoring technical blogs or presenting at security conferences.

Company Benefits and Perks:

We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

  • Retirement Plans

  • Medical, Dental and Vision Coverage

  • Paid Time Off

  • Paid Parental Leave

  • Support for Community Involvement

We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
