Threat Research Engineer

About Position:As a Threat Intelligence Engineer, you will join an industry-leading team dedicated to tracking threat actors, malware, phishing campaigns, and TTPs (Tactics, Techniques, and Procedures). Your work will directly impact on the effectiveness of detection capabilities, the quality of threat intelligence, and the protection of customers. This role is ideal for someone passionate about analyzing attacker techniques and using that knowledge to develop effective countermeasures at scale.Role: Threat Research Engineer Location: Bengaluru, Pune, Hyderabad, Gurgaon, Mumbai Experience: 6+ Years Job Type: Full Time EmploymentWhat You'll Do:Stay updated on the constantly evolving cyber threat landscape. Conduct threat hunting and contribute to threat intelligence initiatives. Research and understand the latest TTPs used by threat actors to evade detection. Analyze phishing websites, email-based threats, and malware behavior to craft detection rules using static pattern matching and behavioral (sandbox) systems. Assist with reverse engineering malware executables for Windows when required. Apply critical thinking to identify efficient and effective mitigation strategies. Collaborate with researchers to address detection issues and resolve false positives quickly. Work effectively as part of a remote team using chat, video conferencing, and collaboration tools. Partner with engineering teams to define requirements for continuous improvement of detection capabilities. Utilize SQL for querying threat data, reporting, and analysis.Expertise You'll Bring:Passion for threat research, threat hunting, and a strong understanding of security threat landscape and threat actor TTPs. Hands-on experience with malware analysis (both static and dynamic). Knowledge of email security technologies (phishing detection, SMTP protocols, DMARC, SPF, DKIM). Ability to write Python code fluently for automation and detection rule development. Proficiency in SQL for data analysis and reporting. Experience writing malware sandbox behavioral signatures in Python (preferred). Familiarity with reverse engineering tools such as IDA Pro, Ghidra, or Binary Ninja (expertise not required). Ability to interpret forensic output from dynamic analysis (sandbox) environments. Experience working with malware sandboxes (e.g., Cuckoo, Joe Sandbox, Any Run, Triage). Strong ability to work independently and collaboratively in a distributed team environment.Benefits:Competitive salary and benefits package Culture focused on talent development with quarterly growth opportunities and company-sponsored higher education and certifications Opportunity to work with cutting-edge technologies Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards Annual health check-ups Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parentsValues-Driven, People-Centric & Inclusive Work Environment:Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds. We support hybrid work and flexible hours to fit diverse lifestyles. Our office is accessibility-friendly, with ergonomic setups and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employmentLet’s unleash your full potential at Persistent -persistent.com/careers“Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind.”