Security Researcher

Veeam, the #1 global market leader in data resilience, believes businesses should control all their data whenever and wherever they need it. Veeam provides data resilience through data backup, data recovery, data portability, data security, and data intelligence. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running. Join us as we move forward together, growing, learning, and making a real impact for some of the world's biggest brands. The future of data resilience is here - go fearlessly forward with us.

About the Role

We are looking for a Security Researcher / Threat Hunter to join our Security Engineering team to help proactively identify threats, detect malicious activity, and uncover potential risks across our SaaS platform. This role is focused on continuous improvement of our detection capabilities, threat intelligence ingestion, and the investigation of abnormal behaviors in our cloud-native environment.

What You'll Do

• Developing threat detection strategies and hypotheses based on emerging attack techniques, threat actor behavior, and threat intelligence
• Performing proactive threat hunts across cloud telemetry (Azure), SaaS logs, and endpoint signals to detect unknown or stealthy threats
• Researching vulnerabilities, malware trends, TTPs, and threat actor campaigns relevant to our industry and infrastructure
• Collaborating with cloud, product, and infrastructure teams to ensure logging, detection, and response capabilities are properly configured
• Tuning and optimizing detection rules and alerts in SIEM/SOAR platforms
• Building detections for cloud-native environments, including Azure Defender for Cloud, Entra ID, and Microsoft 365
• Supporting incident response investigations by providing context, enrichment, and root cause analysis
• Contributing to the development of playbooks, detection-as-code, and knowledge sharing across security and engineering teams

Technologies You'll Work With

• Azure Defender for Cloud, Microsoft Sentinel, Entra ID, Microsoft 365 Defender
• Microsoft Graph API, Azure Resource Graph, KQL, Sysmon
• Threat intel feeds (STIX/TAXII), Sigma rules, MITRE ATT&CK framework
• PowerShell, Python, Kusto Query Language (KQL)
• Log sources: Azure activity logs, Entra ID logs, endpoint telemetry, SaaS app logs (e.g., GitHub, Atlassian, Slack)

What You'll Bring

• 3+ years of experience in a security research, threat hunting, or SOC detection engineering role
• Strong understanding of attacker TTPs, including lateral movement, persistence, and cloud-native attack techniques
• Hands-on experience with SIEM tools (Microsoft Sentinel preferred), including writing KQL queries and custom analytics rules
• Familiarity with threat intelligence platforms and open-source tools (e.g., MISP, VirusTotal, YARA, Shodan)
• Ability to analyze logs, correlate events, and identify indicators of compromise in real-time
• Experience in cloud environments (especially Azure) and SaaS application telemetry
• A collaborative, analytical mindset and a passion for staying ahead of evolving threats
• English proficiency level sufficient to communicate with international teams

Bonus Skills

• Experience with detection-as-code, SOAR platforms, and automating threat response
• Familiarity with MITRE D3FEND, threat modeling techniques, or cyber deception
• Contributions to threat research communities, blogs, or open-source tools
• Blue team certifications (GCTI, GCFA, GCIA, Azure Security Engineer Associate, etc.)
• Knowledge of reverse engineering, static/dynamic malware analysis  

What You'll Get

• 25 vacation days, four sick days, 21 paid medical leave days, plus 3 extra global VeeaMeDays for self-care
• Premium private medical insurance for employees and dependents
• Daily meal vouchers for restaurants and groceries
• Flexible cafeteria platform with thousands of lifestyle benefit options
• Multisport Card for gym and wellness, with family add-on options
• Annual public transport reimbursement up to a set limit
• Corporate mobile plan with optional family tariff
• 24 paid volunteer hours annually through Veeam Cares
• Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (LinkedIn Learning, Athena, O'Reilly) and mentoring through our MentorLab program

Please note: If the applicant is permanently present outside of the Czech Republic, Veeam reserves the right to refuse to consider the application for a job. Remote job is only possible in case the employee is located in the Czech Republic.

#LI-EZ1
#LI-Remote

Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.

Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.  

The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes. 

By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.

By submitting your application, you acknowledge that the information provided in your job application and any supporting documents is complete and accurate to the best of your knowledge. Any misrepresentation, omission, or falsification of information may result in disqualification from consideration for employment or, if discovered after employment begins, termination of employment.

---