Varonis is seeking a Phishing Threat Researcher to investigate phishing campaigns, validate findings, and support data science teams in generating and labeling datasets to enhance their data security platform's ability to detect advanced threats.
Requirements
- Strong understanding of email phishing tactics (BEC, Social Engineering and Phishing Links), SMTP, URL analysis, and brand impersonation techniques.
- Experience analyzing phishing emails and web payloads (screenshots, HTML, redirections, credential harvesting flows).
- Comfort with Linux, shell scripting, and CLI-based investigation workflows.
- Proficiency in Python for scripting and quick data analysis.
- Familiarity with email header analysis (SPF, DKIM, DMARC etc.).
- Exposure to machine learning ecosystems and terminology—enough to communicate intelligently with ML engineers and understand model behavior.
- Familiarity with YARA rules, regular expressions, and detection logic.
Responsibilities
- Investigate complex phishing incidents seen in a customer environment or discovered in the wild
- Analyze phishing samples and produce detailed reports on attack vectors, payloads, and social engineering techniques.
- Collaborate with the Data Science team by labeling phishing samples, evaluating model outputs, and suggesting edge cases for improvement.
- Monitor emerging phishing trends and build internal datasets and synthetic test scenarios using GenAI
- Create documentation and playbooks to enable repeatable, high-quality analysis and triage.
Other
- 5+ years of experience in threat research, ideally in cybersecurity, fraud, or related risk-focused domains
- Excellent written communication skills for generating threat reports and explaining complex technical findings to internal and external stakeholders.
- Experience working in a SOC, handling abuse inboxes, or threat hunting workflows.
- Past contributions to threat intelligence or reverse-engineering phishing kits.
