Security Researcher

We are seeking a skilled and driven Security Researcher to join the Guardz Research Unit. This role is ideal for someone passionate about uncovering modern threats, analyzing complex attack patterns, and building advanced detection logic that directly impacts real-world defenses.
As part of a highly collaborative research team, you will investigate evolving attacker techniques across cloud, identity, email, and endpoint environments, and translate deep technical research into actionable detections and product capabilities. This is a hands-on role focused on understanding adversary behavior and strengthening Guardz’ ability to detect, prevent, and respond to sophisticated cyber threats across platforms such as Microsoft 365, Google Workspace, Entra ID, email, and endpoint.

Responsibilities:

• Conduct in-depth research and analysis of identity, email, and endpoint threats.
• Investigate attacker abuse patterns, misconfigurations, and security gaps across Entra ID, Microsoft 365, Google Identity, and Google Workspace.
• Analyze real-world attack data to identify emerging techniques, trends, and detection gaps.
• Translate complex threat scenarios and research insights into actionable detection rules, policies, and product controls.
• Collaborate closely with product and engineering teams to transform research into impactful security features and customer protections.
• Build and maintain a strong internal knowledge base of attacker methodologies, detection strategies, and response playbooks.
• Map research findings to industry frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
• Support red-teaming efforts, penetration testing initiatives, and threat simulations to validate detection effectiveness and coverage.

Requirements:

• 3+ years of experience in security research, threat analysis, or security misconfiguration assessment.
• 3+ years of hands-on experience in Tier 2 / Tier 3 security operations, including incident response, threat hunting, and threat mitigation.
• 2+ years of focused experience in Identity Security.
• Strong proficiency in SQL, with the ability to analyze large datasets and uncover attack patterns in cloud environments.
• Solid experience working with cybersecurity frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
• Hands-on experience with red-teaming, penetration testing, or detection & response in Microsoft 365 and/or Google Workspace environments.
• Proficiency in Python or similar scripting/programming languages.
• Broad technical understanding of network, operating system, and cloud security technologies, including EDR, XDR, SIEM, SOAR, and email security solutions.
• Excellent written and verbal communication skills; fluent English is required.