Principal Security Research Engineer

SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud’s solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you’re driven to align your career with a fantastic mission, look no further! The ideal candidate possesses a strong understanding of building internal security tooling and data pipelines using public cloud infrastructure, leveraging AI technologies. This role will be within SpyCloud Labs, SpyCloud's in‑house Security Research team, and focus on building automation and other internal tooling to facilitate the collection of recaptured third‑party breach and malware data. This is a full‑time remote role supporting a hybrid workforce. SpyCloud is not sponsoring visas at this time. What You’ll Do Design, implement, and maintain internal tooling for acquiring and parsing recaptured underground data. Build and deploy cloud infrastructure using Infrastructure as Code technologies. Build and deploy automated CI/CD pipelines to test and deploy tooling and infrastructure. Collaborate directly with the research team to support the targeting and collection of new data sources. Be the subject matter expert on Security Research Engineering and the data acquisition process. Leverage modern AI and LLM‑based tooling to streamline development and collection workflows. Constently and independently work to identify improvements and automation opportunities in the recaptured data workflow and ETL pipelines. Participate in security research including investigation of threat actors, malware, and other critical research in support of SpyCloud’s priorities. Mentor junior security researchers and engineers, including providing code review and guidance on efficient code writing and professional development. Requirements 6+ years experience in a senior role within cybersecurity engineering. 6+ years of professional software development experience, preferably in the cybersecurity industry. Experience using AI/ML in development workflows. Experience implementing AI/ML in data processing applications. Highly skilled with Python. Golang proficiency a plus. Experience building internal tooling and deploying using Infrastructure as Code technologies (we use Terraform and Ansible). Bachelor’s degree, or equivalent experience, in Math, Science, Engineering, or Business fields. Self‑directed with the ability to identify and deliver on tasks without needing direct supervision. Critical thinker that is comfortable supporting collaborative problem solving in a team environment. Excellent communication skills. Highly self‑motivated, empathetic, curious, and flexible. Nice to Have Experience working with large enterprises in delivery of security analytics products. Experience in acquiring and processing malware‑exfiltrated data. Experience in using data science to analyze datasets for the purposes of detecting fraud or cyberthreats. Experience with databases (relational or NoSQL) and designing efficient database architecture. U.S.‑Based Benefits + Perks (for Full‑Time Employees) 401(k) with Employer Contribution Health, Vision, and Dental Insurance Health Savings Account (HSA) available with Employer Contribution Employer Paid Life, Short‑term, and Long‑term Disability Insurance Generous PTO Plan and 16 paid holidays per year U.K.‑Based Benefits + Perks (for Full‑Time Employees) Retirement Savings Plan with Employer Contribution Employer Provided Private Health Insurance and Healthcare Cashplan Employer Paid Life Insurance and Income Replacement Generous Holiday Plan and 14 paid holidays per year For applicants residing in California, please read SpyCloud’s CCPA Notice. About SpyCloud SpyCloud transforms recaptured darknet data to disrupt cybercrime. Its automated identity threat protection solutions leverage advanced analytics and AI to proactively prevent ransomware and account takeover, detect insider threats, safeguard employee and consumer identities, and accelerate cybercrime investigations. SpyCloud’s data from breaches, malware‑infected devices, and successful phishes also powers many popular dark web monitoring and identity theft protection offerings. Customers include seven of the Fortune 10, along with hundreds of global enterprises, mid‑sized companies, and government agencies worldwide. Headquartered in Austin, TX, SpyCloud is home to more than 200 cybersecurity experts whose mission is to protect businesses and consumers from the stolen identity data criminals are using to target them now. Our Mission Our mission is to make the internet a safer place by disrupting the criminal underground. Together with our customers and partners, we aim to end criminals’ ability to profit from stolen information. Who We Are SpyCloud is a place for innovative, collaborative, and problem‑solvers to thrive. Individually, we’re amazing, but together, we’re unstoppable. We celebrate diversity and various perspectives and aim to create an inclusive and supportive environment for all. We are proud to be an Equal Employment Opportunity and affirmative action employer of choice. All aspects of employment decisions will be based on merit, performance, and business needs. We do not discriminate on the basis of any status protected under federal, state, or local law. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. Women, minorities, individuals with disabilities, and protected veterans are encouraged to apply. SpyCloud complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. SpyCloud expressly prohibits any form of workplace harassment. Improper interference with the ability of SpyCloud employees to perform their job duties may result in discipline up to and including discharge. SpyCloud shares the right to work and participates in the E‑Verify program in all locations. If you need assistance or accommodation due to a disability, you may contact us. SpyCloud’s Recruitment Policy We will never ask an applicant for sensitive or personal financial information during the recruitment process. We advise all applicants seeking employment with SpyCloud to review available information on recruitment fraud. Anyone who suspects that they have been contacted by someone falsely representing SpyCloud should email View email address on click.appcast.io. Compensation Transparency Policy At SpyCloud, we believe in transparency and fairness in compensation. We strive to ensure that all employees are fairly compensated for their contributions, and we openly discuss our compensation philosophy and structure. We are committed to providing competitive salaries and benefits packages to attract and retain top talent, and we encourage open dialogue and feedback regarding compensation matters. Learn more and apply: SpyCloud Careers #J-18808-Ljbffr SpyCloud