Principal Engineer (Malware Research Scientist)

Druva is the leading provider of data security solutions, empowering customers to secure and recover their data from all threats. The Druva Data Security Cloud is a fully managed SaaS solution offering air-gapped and immutable data protection across cloud, on-premises, and edge environments. By centralizing data protection, Druva enhances traditional security measures and enables faster incident response, effective cyber remediation, and robust data governance. Trusted by nearly 7,500 customers, including 75 of the Fortune 500, Druva safeguards business data in an increasingly interconnected world. Visit druva.com and follow us on LinkedIn, X and Facebook.

As a Malware Research Scientist you will be responsible for establishing a state-of-the-art malware analysis lab, build and lead a small team of researchers, and spearhead hands-on investigations to uncover the intricacies of the latest threats. You will be hands-on in terms of live testing with malware (especially ransomware) in a controlled environment to provide guidance in terms of malware artifacts & indicators of attacks (IOAs) to the engineering and product development team to enhance the security aspects of the product line. 

Key Skills: 

• Proven experience as an Enterprise Security Architect
• Excellent working knowledge of how to model threats & risks as well as the controls necessary to mitigate them, on both an organizational and technical level
• A background in general security practices of cloud security in AWS/Azure/OCI, Linux, M365 application/API security, firewalls, IDS/IPS, sandboxing, threat intelligence, vulnerability assessment and mitigation, SIEM, auditing, encryption, data loss prevention, threat intelligence etc 
• Attained at least one or more certifications: OSCP & SANS certs or other Security certifications
• Strong communication (verbal and written), problem solving, executive presence, and interpersonal skills
• Good technical understanding of malwares behavior, cyber kill chain, incident response and recovery process, forensic data collection, disaster recovery. Direct hands-on experience in at least one of these areas will be preferred

Roles & Responsibilities: 

• Technical Expertise:
• Design and implement a secure malware analysis lab environment.
• Conduct in-depth analysis of malware samples, particularly focusing on ransomware variants.
• Leverage reverse engineering, static analysis, and dynamic analysis techniques to dissect malware behavior.
• Identify and document Indicators of Compromise (IOCs), MITRE TTPs and Indicators of Attacks (IOAs) associated with analyzed malware.
• Analyze the impact of ransomware on data, cloud infrastructure (AWS, Azure, GCP), and SaaS applications (M365, Google Workspace, etc.).
• Develop and implement innovative detection and mitigation strategies to defend against the latest malware and ransomware threats.
• Stay current on emerging threats and trends through ongoing research and threat intelligence gathering.

• Communication & Collaboration:
• Collaborate with Product Managers to understand & stay updated on the customer requirement, help PMs build intricacies of product security features
• Work closely with the marketing team to develop clear and effective product messaging, contribute with research papers and blogs, and communicate product features to the market.
• Translate complex technical findings into clear and concise reports for both technical and non-technical audiences.
• Collaborate with engineering and security teams to integrate threat intelligence findings into security solutions and incident response procedures.
• Present research findings and threat insights to internal stakeholders.

Qualifications:

• Engineering degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). 
• 10+ years of experience in malware analysis and threat research. 
• Proven experience in leading and mentoring a security research team. Interns and freshers 
• In-depth knowledge of malware analysis techniques (reverse engineering, static analysis, dynamic analysis, sandbox environments). 
• Strong understanding of ransomware variants and their impact on various systems (data, cloud infrastructure,SaaS). 
• Excellent written and verbal communication skills.
• Ability to work independently, manage multiple projects, and prioritize effectively.
• Passion for staying ahead of the evolving threat landscape.