Job Description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Principal Security Researcher – Threat Defense

Location: Pune, India (Hybrid) / Remote

Department: Research

The Mission

We are seeking a Security Researcher who is a builder, not just an analyst. Bridging the gap between advanced threat research and active defense, you will lead a R&D mandate to design engines that pinpoint real customer risk. You bring a rare blend of deep security expertise (Zero-days, CVEs, Exploits) and software engineering rigor to drive operational excellence at scale.

You will serve as a key player in our Research Department, moving beyond standard vulnerability analysis to build next-generation detection capabilities. Your work will directly influence our threat defense engine.

What You’ll Be Doing:

• Conduct deep-dive research into emerging attack vectors to analyze vulnerability data and identify potential attack paths.
• Assess vulnerability risks to develop tailored, actionable mitigation strategies and plans that address security gaps in critical systems.
• Rapidly architect and build prototypes, PoCs, and detection tools. You won’t just theorize; you will write code (Python/Go/C) to test security hypotheses and demonstrate feasibility.
• Design and validate algorithms based on network and application telemetry to detect complex exploit primitives (RCE, SQLi, Memory Corruption) at the execution boundary.
• Partner with R&D and Product teams to translate complex research findings into production-grade security features, ensuring our engine evolves faster than the threat landscape.
• Articulate security visions and research findings to the broader community through blogs, webinars, and industry conferences, reinforcing Qualys as a thought leader in the space.

The DNA We Need

We are looking for a technologist with a hacker mindset—someone who loves to explore how things work under the hood and prefers architecting solutions over maintaining legacy views.

• 5+ years of experience in security research or low-level software engineering, with a focus on advanced threat detection and deep attack analysis.
• Proven ability to develop robust PoCs and tools. You are comfortable reading and writing code in modern frameworks (Python, Go, or similar).
• Strong understanding of the Linux ecosystem, OS internals, and cloud-native environments.
• A track record of taking a vulnerability or theoretical attack method and converting it into a concrete detection rule or defensive tool.
• Excellent written and verbal communication skills in English. You can effectively explain complex kernel-level concepts to stakeholders and present findings.

Preferred Background:

• Experience applying advanced AI/ML and LLMs to solve complex security challenges, automating expert tradecraft such as code analysis or adversarial simulation, to transform manual research workflows into autonomous, scalable defense engines.
• Experience with eBPF, syscall tracing, or memory management.
• Experience in architecting secure systems and deploying detection mechanisms to mitigate risk.
• Experience building or securing developer-focused tools and pipelines.
• Demonstrated ability to work independently in a fast-paced, unstructured environment where you wear multiple hats.

Why Join?

This is a role for a creator. You will have the mandate to innovate, the freedom to research, and the resources to build engines that define the state of the art in cyber defense.