Sr. Threat Researcher

Onwards Together!

Illumio is the leader in ransomware and breach containment, redefining how organizations contain cyberattacks and enable operational resilience. Powered by the Illumio AI Security Graph, our breach containment platform identifies and contains threats across hybrid multi-cloud environments - stopping the spread of attacks before they become disasters.

Recognized as a Leader in the Forrester Wave for Microsegmentation, Illumio enables Zero Trust, strengthening cyber resilience for the infrastructure, systems, and organizations that keep the world running.

At Illumio, we’re pioneering cybersecurity innovation with our Illumio Insights platform, which leverages a dynamic security graph built from network flows, workload inventories, identity data, threat data, and vulnerability data. This graph enables essential functions such as breach risk detection, network segmentation assessment, active breach identification, and intelligent policy recommendations. To accelerate our product evolution, we’re expanding our Threat Research Team with a dedicated expert who will serve as a long-term subject matter expert for the Illumio Insights product team.

We’re looking for a talented Senior Threat Researcher to provide ongoing guidance on threats, threat intelligence, attacker behaviors, and TTP mapping. You’ll analyze large-scale security datasets, map real-world adversary activity, identify gaps, and collaborate closely with product teams to translate insights into enhanced detection, data enrichment, and strategic direction. This role bridges threat research, detection engineering, and product innovation, offering a unique opportunity to impact how global organizations defend against advanced cyber threats.

• Analyze large-scale security datasets to identify attacker behaviors, patterns, TTPs (Tactics, Techniques, and Procedures), and emerging risks.
• Map observed behaviors to the MITRE ATT&CK framework and real-world adversary tradecraft.
• Leverage the security graph to model attack paths and uncover opportunities to reduce the risk of lateral movement.
• Identify gaps in detection coverage, data enrichment, and segmentation effectiveness.
• Develop and validate hypotheses about evolving threats using research and intelligence sources.

• Partner closely with Product and Engineering teams to translate research findings into concrete improvements.
• Enhanced detection logic and analytics.
• Improved data tagging, enrichment, and graph quality.
• More actionable customer-facing risk insights.
• Recommend segmentation strategies and policy improvements to strengthen breach containment and limit lateral movement.
• Contribute to internal threat models and risk frameworks that directly inform product roadmap decisions.

• Provide expert guidance on emerging threats observable in our platform and their implications for customers.
• Support product, sales, and customer-facing teams with research-backed insights and threat context.
• Contribute to internal research, patents, and future external publications as the function maturing.
• Track global adversary evolution to help shape long-term detection and risk strategies.

• 5+ years of experience in threat research, incident response, detection engineering, or adversary emulation.
• Strong understanding of attacker tradecraft across enterprise, cloud, and hybrid environments.
• Deep familiarity with the MITRE ATT&CK framework and real-world TTP mapping.
• Hands-on experience working with security telemetry sources.
• Excellent written and verbal communication skills, with the ability to translate complex findings into clear, actionable insights.
• Comfort working in ambiguous environments and helping define new functions.
• Experience writing detection rules, analytics queries, or conducting threat hunting.

• 7–10+ years in threat intelligence or security research roles.
• Experience analyzing security graphs or graph-based analytics for threat detection.
• Background in network segmentation,…