Acronis is revolutionizing cyber protection-providing natively integrated, all-in-one solutions that monitor, control, and protect the data that businesses and lives depend on. We are looking for a TRU Researcher to join our mission to create a #CyberFit future and protect all data, applications and systems across any environment.

We are seeking a skilled and driven Threat Researcher to join Acronis' Threat Research Unit. This exciting opportunity offers you the chance to play a key role in proactively defending Acronis customers against evolving cyber threats. As part of our expert team, you will engage in cutting-edge research and collaborate on high-profile security incidents.

WHAT YOU'LL DO

• Conduct in-depth research and actively hunt for both emerging and existing cyber threats, attack techniques, and malware.
• Generate original research leads through exploratory data analysis, pivoting on indicators, and investigating anomalous or low-prevalence activity patterns.
• Develop automation tools to gather malware and threat intelligence data from diverse sources such as product telemetry, the Dark Web, and honeypots. Manage and populate threat intelligence databases with the data collected.
• Track and attribute emerging TTPs and campaigns across malware families, threat actors, and regions.
• Perform reverse engineering of malware and identify novel obfuscation, packer, and C2 techniques to enrich intelligence feeds and produce unique detection content.
• Lead the production of actionable threat intelligence tailored to internal detection teams, external partners, and public-facing reports.
• Maintain, expand, and enrich Acronis' internal threat intelligence platforms and hunting capabilities, including malware collection pipelines, dark web scrapers, and honeypot networks.
• Represent Acronis in the threat intelligence community: publish cutting-edge research, participate in coordinated disclosures, and present findings at leading industry conferences.

WHAT YOU BRING

• A minimum of 3 years experience in threat intelligence, threat hunting, or malware research roles with demonstrable hands-on investigations.
• In-depth understanding of the threat landscape, MITRE ATT&CK, malware TTP tracking, and actor profiling.
• Proficiency in static and dynamic malware analysis, as well as reverse engineering using tools such as IDA Pro and Ghidra.
• Solid knowledge of the TCP/IP network stack, with experience using network analysis tools like Suricata, Zeek, and Wireshark.
• Strong understanding of Windows and Linux operating systems, including their architecture and internals.
• Excellent analytical, problem-solving, and critical thinking abilities.
• Strong written and verbal communication skills, with the ability to present complex technical information to both technical and non-technical audiences.
• Proficiency in English.

PREFERRED QUALIFICATIONS:

• Hands-on experience developing custom threat hunting or enrichment tools in Python, Go, or similar languages.
• Experience discovering new malware variants or infrastructure through passive DNS, WHOIS, TLS certificate analysis, or OSINT