Security

Senior Cybersecurity Researcher (Threat Analysis and Detection Engineering)

Singapore
Full time
Posted 21 Days Ago
R-100524-1
Please note that the application process will be managed on our partner website, Workday, which will require you to log in or create an account.
Acronis is revolutionizing cyber protection—providing natively integrated, all-in-one solutions that monitor, control, and protect the data that businesses and lives depend on. We are looking for a Senior Cybersecurity Researcher to join our mission to create a #CyberFit future and protect all data, applications and systems across any environment.

As a Senior Security Researcher on our global Threat Research Unit, you'll turn threat intelligence into reality-tested detections. You'll design behavioral rules and anomaly detection systems that identify attacker TTPs across diverse environments—from traditional endpoints to cloud workloads and productivity platforms. Your work directly impacts how thousands of organizations detect and respond to threats. You'll expand our XDR ecosystem through strategic integrations, build detection technologies leveraging automation and machine learning, and ensure our detection logic evolves as quickly as the threats we face.

What You’ll Do:
  • Design and implement detection capabilities for Acronis Security and XDR products, with emphasis on behavioral detections and anomaly-based approaches.
  • Build and maintain detection logic for adversary tactics, techniques, and procedures (TTPs) across endpoint, cloud, identity, and productivity data sources.
  • Research, prototype, and deploy integrations that expand our XDR ecosystem's visibility and detection coverage.
  • Lead threat hunting initiatives using data analysis to uncover detection gaps and blind spots.
  • Transform threat intelligence and real-world attack patterns into high-fidelity, low-noise detection rules.
  • Partner with incident response teams to analyze live attacks and design corresponding detections.
  • Monitor and continuously optimize detection pipelines, balancing detection efficacy with operational efficiency.

What You Bring (Experience & Qualifications):
  • Deep understanding of adversary TTPs and how they manifest across diverse environments. You're proficient in several of these areas: Windows, Linux, macOS, cloud platforms (AWS/Azure/GCP), identity systems, or productivity suites like M365.
  • 3+ years building detections: behavioral rules, anomaly detection systems, threat hunting analytics—the kind that work in production, not just proof-of-concepts.
  • 2+ years conducting threat hunts using EDR/XDR and SIEM platforms, with demonstrated ability to pivot through data to find sophisticated threats.
  • Solid grasp of incident response workflows and SOC operations—you understand how detections are used in the real world.
  • Hands-on experience working within or alongside SOC teams, seeing how your detections perform under fire and iterating based on feedback.
  • Practical coding ability in Python, Java, or Golang for automation, integration, and tooling. You're comfortable with REST APIs, SQL queries, and regular expressions.
  • Track record of extending security platforms through integrations and bringing new data sources into detection ecosystems.
  • Ability to work with complex, high-volume datasets to identify meaningful behavioral patterns in the noise.
  • Data-driven problem-solving mindset with strong analytical skills—you let the data guide your decisions.
  • Strong communication skills with the ability to explain complex security concepts to diverse audiences and collaborate effectively across technical and non-technical teams.

WHO WE ARE

Acronis is a global cyber protection company that provides natively integrated cybersecurity, data protection, and endpoint management for managed service providers (MSPs), small and medium businesses (SMBs), enterprise IT departments and home users. Our all-in-one solutions are highly efficient and designed to identify, prevent, detect, respond, remediate, and recover from modern cyberthreats with minimal downtime, ensuring data integrity and business continuity. We offer the most comprehensive security solution on the market for MSPs with our unique ability to meet the needs of diverse and distributed IT environments.

A Swiss company founded in Singapore in 2003, Acronis offers over twenty years of innovation with 15 offices worldwide and more than 1800 employees in 50+ countries. Acronis Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.

Our corporate culture is focused on making a positive impact on the lives of each employee and the communities we serve. Mutual trust, respect and belief that we can contribute to the world every day are the cornerstones of our team. Each member of our “A-Team” plays an instrumental role in driving the success of our innovative and expanding business. We seek individuals who excel in dynamic, global environments and have a never-give-up attitude, contributing to our collective growth and impact.

Our Interview Practices  

To maintain a fair and genuine hiring process, we kindly ask that all candidates participate in interviews without the assistance of AI tools or external prompts. Our interview process is designed to assess your individual skills, experiences, and communication style. We value authenticity and want to ensure we’re getting to know you—not a digital assistant. To help maintain this integrity, we ask candidates to remove virtual backgrounds, and we include in-person interviews in our hiring process.

Use of AI-generated responses or third-party support during live interviews may be grounds for disqualification from the recruitment process. A full criminal, education and identification background check is required for all new hires.

Acronis is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, marital status, national origin, physical or mental disability, medical condition, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, gender identity or expression, or any other characteristic protected by applicable laws, regulations and ordinances. 
