Senior Principal Threat Researcher
Hybrid · Bengaluru, Karnataka, India
Job Summary
Senior Principal Threat Researcher at Saviynt leading Identity Threat Research for ITDR. Responsibilities include spearheading identity-centric attack research across hybrid/multi-cloud environments, building data-driven behavioral models from telemetry, translating research into product features and robust detection algorithms, conducting proactive threat intelligence and threat hunting for identity vulnerabilities (e.g., AD, Entra ID, Okta, PAM, cloud IAM), mapping research to MITRE ATT&CK/ATLAS/MAESTRO, developing advanced detection strategies and telemetry, authoring blogs/reports, pursuing patents, and mentoring junior researchers. Requires 12+ years in cybersecurity with 5+ years in senior threat research roles; strong scripting (Python/Go/Bash), SIEM/DPO tools (Splunk SPL, KQL), YARA/Snort rule development, and IAM/pam/cloud identity expertise. Willing to work in a hybrid model from Bengaluru and travel globally.
Required Qualifications
- 12+ years of cybersecurity experience
- 5+ years in Threat Research, Threat Intelligence, or advanced Detection Engineering at senior/lead level
- Proficiency with threat intelligence pivoting and attribution (IPs, domains, hashes)
- Familiarity with MITRE ATT&CK, ATLAS, MAESTRO
- Knowledge of identity-based attack techniques (Pass-the-Hash/Ticket, Golden/Silver Tickets, MFA Fatigue, token theft)
- Experience with tools like Mimikatz, BloodHound, Rubeus
- Vulnerability and exploit research, PoC evaluation, patching strategies
- Programming/scripting in Python, Go, Bash
- Data mining/OSINT from OSINT sources and threat feeds
- Rule/Signature development (YARA, Snort) and SIEM query languages (Splunk SPL, KQL)
- AI/ML in threat research
- Cross-functional leadership and communication
- IAM, PAM, cloud identity architectures (AWS IAM, Azure AD/Entra ID, GCP Cloud Identity)
- Hybrid work willingness from Bengaluru office
- Willingness to travel globally
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.