Veeam is looking for a Security Researcher / Threat Hunter to proactively identify threats, detect malicious activity, and uncover potential risks across their SaaS platform, focusing on continuous improvement of detection capabilities, threat intelligence ingestion, and investigation of abnormal behaviors in their cloud-native environment.
Requirements
- Hands-on experience with SIEM tools (Microsoft Sentinel preferred), including writing KQL queries and custom analytics rules
- Experience in cloud environments (especially Azure) and SaaS application telemetry
- Strong understanding of attacker TTPs, including lateral movement, persistence, and cloud-native attack techniques
- Familiarity with threat intelligence platforms and open-source tools (e.g., MISP, VirusTotal, YARA, Shodan)
- Ability to analyze logs, correlate events, and identify indicators of compromise in real time
- Experience with detection-as-code, SOAR platforms, and automating threat response
- Familiarity with MITRE D3FEND, threat modeling techniques, or cyber deception
Responsibilities
- Developing threat detection strategies and hypotheses based on emerging attack techniques, threat actor behavior, and threat intelligence
- Performing proactive threat hunts across cloud telemetry (Azure), SaaS logs, and endpoint signals to detect unknown or stealthy threats
- Researching vulnerabilities, malware trends, TTPs, and threat actor campaigns relevant to our industry and infrastructure
- Collaborating with cloud, product, and infrastructure teams to ensure logging, detection, and response capabilities are properly configured
- Tuning and optimizing detection rules and alerts in SIEM/SOAR platforms
- Building detections for cloud-native environments, including Azure Defender for Cloud, Entra ID, and Microsoft 365
- Supporting incident response investigations by providing context, enrichment, and root cause analysis
Other
- 3+ years of experience in a security research, threat hunting, or SOC detection engineering role
- A collaborative, analytical mindset and a passion for staying ahead of evolving threats
- English proficiency level sufficient to communicate with international teams
- If the applicant is permanently located outside of the Czech Republic, Veeam reserves the right to decline to consider the job application. Remote work is possible only if the employee is located in the Czech Republic.
- Contributions to threat research communities, blogs, or open-source tools