Acronis is revolutionizing cyber protection-providing natively integrated, all-in-one solutions that monitor, control, and protect the data that businesses and lives depend on. We are looking for a Senior Cybersecurity Researcher to join our mission to create a #CyberFit future and protect all data, applications and systems across any environment.

As a Senior Security Researcher on our global Threat Research Unit, you'll turn threat intelligence into reality-tested detections. You'll design behavioral rules and anomaly detection systems that identify attacker TTPs across diverse environments-from traditional endpoints to cloud workloads and productivity platforms. Your work directly impacts how thousands of organizations detect and respond to threats. You'll expand our XDR ecosystem through strategic integrations, build detection technologies leveraging automation and machine learning, and ensure our detection logic evolves as quickly as the threats we face.

What You'll Do:

• Design and implement detection capabilities for Acronis Security and XDR products, with emphasis on behavioral detections and anomaly-based approaches.
• Build and maintain detection logic for adversary tactics, techniques, and procedures (TTPs) across endpoint, cloud, identity, and productivity data sources.
• Research, prototype, and deploy integrations that expand our XDR ecosystem's visibility and detection coverage.
• Lead threat hunting initiatives using data analysis to uncover detection gaps and blind spots.
• Transform threat intelligence and real-world attack patterns into high-fidelity, low-noise detection rules.
• Partner with incident response teams to analyze live attacks and design corresponding detections.
• Monitor and continuously optimize detection pipelines, balancing detection efficacy with operational efficiency.

What You Bring (Experience & Qualifications):

• Deep understanding of adversary TTPs and how they manifest across diverse environments. You're proficient in several of these areas: Windows, Linux, macOS, cloud platforms (AWS/Azure/GCP), identity systems, or productivity suites like M365.
• 3+ years building detections: behavioral rules, anomaly detection systems, threat hunting analytics-the kind that work in production, not just proof-of-concepts.
• 2+ years conducting threat hunts using EDR/XDR and SIEM platforms, with demonstrated ability to pivot through data to find sophisticated threats.
• Solid grasp of incident response workflows and SOC operations-you understand how detections are used in the real world.
• Hands-on experience working within or alongside SOC teams, seeing how your detections perform under fire and iterating based on feedback.
• Practical coding ability in Python, Java, or Golang for automation, integration, and tooling. You're comfortable with REST APIs, SQL queries, and regular expressions.
• Track record of extending security platforms through integrations and bringing new data sources into detection ecosystems.
• Ability to work with complex, high-volume datasets to identify meaningful behavioral patterns in the noise.
• Data-driven problem-solving mindset with strong analytical skills-you let the data guide your decisions.
• Strong communication skills with the ability to explain complex security concepts to diverse audiences and collaborate effectively across technical and non-technical teams.