Staff Detection Engineer Windows, Identity Security

We are looking for talented detection engineers who approach the world differently, explore hunting live, beat the system, and challenge it. They should address tough security problems and deliver solutions quickly.

• You will be responsible for detecting the newest identity threats. The role includes end‑to‑end responsibility for behavior‑based detection capabilities, starting from researching attack techniques and designing new methods to detect or prevent them, and implementing them in the product.
• You will develop and use internal research tools, PoCs, and discover new ways to detect/prevent identity‑based attacks (e.g., Pass the Hash, Silver ticket, MFA bypass, etc.).
• At the end of the day your deliveries will enhance the security of dozens of millions of Windows endpoints protected by our platform.

• 3 years of experience in malware analysis (static and dynamic).
• 3 years of experience with C.
• Excellent understanding of Windows Internals – how core system components (processes, threads, virtual memory, etc.) work behind the scenes.
• Experience with identity‑based attacks (Pass the Hash, Silver ticket, MFA bypass, etc.) – advantage.
• Experience with analysis tools such as IDA, WinDBG, SysInternals, etc.
• Kernel development experience – advantage.
• Advanced C – advantage.
• Understanding of existing AV internals – advantage.

Because you will work on real‑world problems with risks of millions of dollars (protecting against ransomware and other threats) and make an impact by preventing our customers from appearing in global news after being attacked. You will join a technologically cutting‑edge project and be able to influence the architecture design and building of our core platform. You will meet extraordinary challenges and work with the very best in the industry.

• Flexible working hours – this is a remote role based within Italy; we provide IWG pass to major coworking chains.
• Optionally for those willing to relocate to the Czech Republic, relocation assistance is available for any candidates already eligible to work in the EU.
• Generous employee stock plan in the form of RSUs (restricted stock units) – 4 years vesting with 1 year cliff and then quarterly stock refresh yearly.
• Yearly bonus depending on the performance of the company paid out in 2 installments.
• Global gender‑neutral parental leave (16 weeks beyond the leave provided by local laws) and grandparent leave.
• Volunteering paid day off & additional paid company holidays (e.g., 4 days in 2022).
• Global employee assistance program (confidential counseling related to both personal and work‑life matters).
• Udemy Business platform for hard/soft skill training & support for your further educational activities/training.
• Above‑standard referral bonus.
• Additional country‑specific benefits to Italy.

Employment type: Full‑Time

Experience: years

Vacancy: 1