Security Researcher

Reco

$90K — $130K *
US-AnywhereRemote in United States
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years in cybersecurity, ideally in SOC, SIEM, Threat Intelligence, or Cloud Security.
  • Experience addressing SaaS security issues like shadow IT and OAuth risks.
  • Hands-on in security data analysis and log processing.
  • Proficiency in SQL for querying and correlating threat indicators.
  • Strong grasp of identity attacks and SOC detection strategies.
  • Familiar with SIEM and XDR tools such as Splunk or Chronicle.
  • Excellent analytical skills for incident triage and detection optimization.

Responsibilities

  • Analyze terabytes of SaaS data to find new threats and vulnerabilities.
  • Keep current with cybersecurity trends to enhance detection techniques.
  • Investigate complex security incidents across various SaaS platforms.
  • Reduce false positives by optimizing detection algorithms and rules.
  • Engage in community thought leadership through blogs and webinars.
  • Collaborate on new threat detection strategies with researchers and data scientists.
  • Monitor and adapt to evolving SaaS attack techniques.
  • Ingest and correlate security logs from various SaaS APIs.

Benefits

  • Work with leading experts in the cybersecurity field.
  • Opportunity to drive thought leadership in the industry.
  • Access to continuous learning and professional development.
  • Collaborative and innovative work environment.
Full Job Description
Description

We are looking for a Threat Detection Engineer to analyze large-scale SaaS security data, investigate incidents, and develop advanced threat detection strategies.

You will work closely with security researchers and customers to identify emerging threats and improve detection capabilities across SaaS environments.

Responsibilities

  • Threat Analysis and Research: Dive deep into terabytes of SaaS Application data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces.
  • Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
  • Incident Investigation: Utilize your technical prowess to investigate complex SaaS & AI security incidents, analyzing data from diverse SaaS applications to uncover the root causes and methods of attack.
  • False Positive Reduction: Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of our platform's threat alerts.
  • Thought Leadership and Community Engagement: Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
  • Be at the forefront of the Reco mission and work closely with Reco customers regarding cyber security investigations and incidents detected in their environments
  • Collaborate with security researchers and data scientists to define new threat detection strategies based on SaaS attack vectors and industry trends.
  • Continuously monitor and analyze SaaS attack techniques, adapting security posture to evolving threats.
  • Work with APIs and integrations to ingest security logs from various SaaS platforms, correlating signals to detect real threats.

Requirements

  • A background of at least 5 years in cybersecurity, preferably in SOC, SIEM, Threat Intelligence, or Cloud Security
  • Experience with SaaS security challenges, such as shadow IT, OAuth risks, IDP misconfigurations, and excessive permissions.
  • Hands-on experience with security data analysis, including large-scale log processing, anomaly detection, and behavioral analytics.
  • Proficiency in SQL (e.g., ClickHouse) for querying security events and correlating threat indicators.
  • Strong understanding of identity-based attacks, insider threats, and SOC detection methodologies.
  • Familiarity with SIEM and XDR solutions (e.g., Splunk, Sentinel, Chronicle) and their role in modern detection engineering.
  • Strong problem-solving and analytical skills to triage security incidents and optimize detection rules.

Advantages:

  • Familiarity with SaaS security best practices, including least-privilege access, OAuth governance, and SSPM.
  • Knowledge of SaaS security frameworks (e.g., SSPM, CASB).
  • Experience with IDP security (Okta, Azure AD, Google IAM) and detecting identity-related SaaS threats.
  • Hands-on experience with Threat Hunting and / or Detection engineering in SaaS environments.
  • Understanding of SaaS API security and experience analyzing integrations with third-party applications.

Similar Jobs

More Jobs at Reco

  • Security Researcher
    $90K — $130K *
    Wilmington, DE 19805 (New Castle County)
    Information Technology
    In-Person
  • Security Researcher
    $90K — $130K *
    Remote
    Information Technology
    Remote in United States
  • HPE Alliance Director
    $130K — $180K *
    New York, NY 10025 (New York County)
    Enterprise Technology
    In-Person
  • Account Executive, TOLA
    $80K — $120K *
    Wilmington, DE 19805 (New Castle County)
    Technical Services
    In-Person
  • Account Executive, TOLA
    $80K — $120K *
    Remote
    Technical Services
    Remote in United States

More Information Technology Jobs

Find similar Security Researcher jobs: