Principal Engineer ( Malware Research Scientist )

Druva, the autonomous data security company, puts data security on autopilot with a 100% SaaS, fully managed platform to secure and recover data from all threats. The Druva Data Security Cloud ensures the availability, confidentiality, and fidelity of data - providing customers with autonomous protection, rapid incident response, and guaranteed data recovery. The company is trusted by its more than 6,000 customers, including 65 of the Fortune 500, to defend business data in today’s ever-connected world. Amidst a rapidly evolving security landscape, Druva offers a $10 million Data Resiliency Guarantee ensuring customer data is protected and secured against every cyber threat. Visit druva.com and follow us on LinkedIn,X and Facebook.

As a Malware Research Scientist you will be responsible for establishing a state-of-the-art malware analysis lab, build and lead a small team of researchers, and spearhead hands-on investigations to uncover the intricacies of the latest threats. You will be hands-on in terms of live testing with malware (especially ransomware) in a controlled environment to provide guidance in terms of malware artifacts & indicators of attacks (IOAs) to the engineering and product development team to enhance the security aspects of the product line. 

Key Skills: 

• Proven experience as an Enterprise Security Architect
• Excellent working knowledge of how to model threats & risks as well as the controls necessary to mitigate them, on both an organizational and technical level
• A background in general security practices of cloud security in AWS/Azure/OCI, Linux, M365 application/API security, firewalls, IDS/IPS, sandboxing, threat intelligence, vulnerability assessment and mitigation, SIEM, auditing, encryption, data loss prevention, threat intelligence etc 
• Attained at least one or more certifications: OSCP & SANS certs or other Security certifications
• Strong communication (verbal and written), problem solving, executive presence, and interpersonal skills
• Good technical understanding of malwares behavior, cyber kill chain, incident response and recovery process, forensic data collection, disaster recovery. Direct hands-on experience in at least one of these areas will be preferred

Roles & Responsibilities: 

• Technical Expertise:
• Design and implement a secure malware analysis lab environment.
• Conduct in-depth analysis of malware samples, particularly focusing on ransomware variants.
• Leverage reverse engineering, static analysis, and dynamic analysis techniques to dissect malware behavior.
• Identify and document Indicators of Compromise (IOCs), MITRE TTPs and Indicators of Attacks (IOAs) associated with analyzed malware.
• Analyze the impact of ransomware on data, cloud infrastructure (AWS, Azure, GCP), and SaaS applications (M365, Google Workspace, etc.).
• Develop and implement innovative detection and mitigation strategies to defend against the latest malware and ransomware threats.
• Stay current on emerging threats and trends through ongoing research and threat intelligence gathering.

• Communication & Collaboration:
• Collaborate with Product Managers to understand & stay updated on the customer requirement, help PMs build intricacies of product security features
• Work closely with the marketing team to develop clear and effective product messaging, contribute with research papers and blogs, and communicate product features to the market.
• Translate complex technical findings into clear and concise reports for both technical and non-technical audiences.
• Collaborate with engineering and security teams to integrate threat intelligence findings into security solutions and incident response procedures.
• Present research findings and threat insights to internal stakeholders.

Qualifications:

• Engineering degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). 
• 12 to 15 years of experience in malware analysis and threat research. 
• Proven experience in leading and mentoring a security research team. Interns and freshers 
• In-depth knowledge of malware analysis techniques (reverse engineering, static analysis, dynamic analysis, sandbox environments). 
• Strong understanding of ransomware variants and their impact on various systems (data, cloud infrastructure,SaaS). 
• Excellent written and verbal communication skills.
• Ability to work independently, manage multiple projects, and prioritize effectively.
• Passion for staying ahead of the evolving threat landscape.