Malware Analyst Tech Lead

Posted 8 Days Ago
Milan, ITA
In-Office
Senior level
Cybersecurity
The Role
Lead malware analysis and threat intelligence efforts: reverse-engineer samples, create and tune detection signatures (YARA, Snort/Suricata, STIX, Sigma), perform threat collection and vetting, produce technical materials, and work confidentially on advanced OT/IoT cybersecurity threats.
Summary Generated by Built In

Now is an amazing time to join Nozomi Networks as we build the future of OT and IoT cybersecurity.

We defend some of the world’s largest organizations and critical infrastructure in more than 68 countries and we’re just getting started. Our AI-powered cybersecurity platform secures operational technology (OT) and Internet of Things (IoT) infrastructures for enterprises and government entities across energy, manufacturing, transportation, resources, and critical infrastructure.

As Nozomi Networks continues to expand our product portfolio and global presence, our Security Research department is looking for a Malware Analysis Tech Lead to guide and grow the team responsible for reverse engineering malicious samples, developing high-quality detection signatures, producing actionable threat intelligence, and sharing research findings with customers, partners, and the broader cybersecurity community. 

This is a hands-on leadership role for someone who combines deep technical expertise in malware analysis and detection engineering with the ability to mentor others, set technical direction, and communicate complex findings clearly. You will lead a team focused on identifying, analyzing, and tracking advanced threats, with a particular emphasis on creating reliable detections that strengthen our products and help protect critical infrastructure around the world. 

You could be the next “Nozomier”! If this sounds like you, read on. 

In this role, you will: 

  • Lead the team creating and curating various detection rules within our product, acting as a manager and as an individual contributor 
  • Help the support team address the customer feedback associated with these detections 
  • Perform threat intelligence operations to collect and maintain all the required knowledge to respond efficiently to advanced threats 
  • Contribute to the technical material shared with the public 
  • Embody the Nozomi Networks Cultural Pillars and our mission to protect what matters most with transparency and trust 

To be successful in this opportunity, you should have: 

  • Industry experience as an IT manager 
  • Ability to perform reverse engineering using debuggers, with an understanding of the specifics of MZ-PE and ELF executables 
  • Experience in creating some of these signatures: YARA, Snort or Suricata, STIX, and Sigma 
  • Experience speaking at cybersecurity conferences presenting findings in a clear way 
  • Familiarity with the MITRE ATT&CK framework and cyber kill chains 
  • Understanding of the OSI model and an ability to use Wireshark 
  • Basic experience with Python 
  • Ability to operate in environments that involve data covered by non-disclosure agreements and require a high level of confidentiality 

These qualifications would be a strong plus: 

  • Proven experience in reverse engineering using analysis tools like IDA Pro, Ghidra, OllyDbg, x64dbg, radare2, etc. 
  • Fundamental understanding of attributes of binary files such as executable structures and packers 
  • Previous professional experience as a Detection Engineer, SOC Analyst or a Threat Hunter 

Who we are and what we stand for:

Nozomi Networks is the leader in OT and IoT Cybersecurity. We protect the world's critical infrastructure, industrial and government organizations from cyber threats by providing exceptional network visibility, threat detection and operational insight. We’re always innovating and we hire the best at what they do to ensure our customers always have access to fast product enhancements, exceptional engineering support and rapid deployment across continents. If you like a challenge, and value integrity and customer success, we invite you to help Nozomi Networks build the future of OT and IoT cybersecurity.

Diversity, Inclusion and Belonging are part of our core beliefs at Nozomi Networks. Diversity of thought, background and culture broadens our knowledge of the world and helps us learn, grow, and gain new perspectives. What makes us all different is what makes us powerful.

Our Global Benefits

All of our benefits are customized to the country you are based in. Naturally, we want to get the best out of our Nozomiers, so we provide the best benefits packages, such as:

  • Health & Wellness
  • Financial
  • Work-Life Balance
  • Unparalleled Flexible Time-Off

Need to know information

Successful candidates will be subjected to background verification checks.

Be cautious of unsolicited messages, fake email addresses, requests for money and unclear job descriptions. Report suspicious activity to authorities. Our open job opportunities and descriptions are posted on Nozomi Networks' career page. If in any doubt please apply for opportunities on our careers website here.

If you would like to know more about our Privacy Policy, please click here. Any questions about how we process personal information, or if you would like help exercising your privacy rights please contact us using the email provided within the Privacy Policy.

Skills Required

  • Experience creating signatures such as YARA, Snort or Suricata, STIX, and Sigma
  • Familiarity with the MITRE ATT&CK framework and cyber kill chains
  • Understanding of the OSI model and ability to use Wireshark
  • Basic experience with Python
  • Ability to operate with data under non-disclosure agreements and high confidentiality
  • Proven reverse engineering experience using tools like IDA Pro, Ghidra, OllyDbg, x64dbg, radare2
  • Fundamental understanding of binary file attributes, executable structures, and packers
  • Previous professional experience as a Detection Engineer, SOC Analyst, or Threat Hunter

The Company
HQ: San Francisco, CA
369 Employees
Year Founded: 2013

What We Do

We accelerate digital transformation by protecting the world’s critical infrastructure, industrial and government organizations from cyber threats. Our solution delivers exceptional network and asset visibility, threat detection, and insights for OT and IoT environments. Customers rely on us to minimize risk and complexity while maximizing operational resilience.
