Cyber Security Researcher and Developer

4 weeks ago


Lahore, Punjab, Pakistan · WhyCrew · Full time

Cyber Security Researcher and Developer (Active Directory)

Position Overview

We are seeking an experienced Cyber Security Researcher and Developer to join our team and lead the development of a cutting-edge Security Information and Event Management (SIEM) solution specifically designed for Active Directory environments. This role combines deep cybersecurity expertise with advanced development skills to build innovative detection capabilities using graph-based data analysis.

Key Responsibilities

SIEM Development & Architecture
  • Design and develop a comprehensive SIEM platform tailored for Active Directory security monitoring
  • Architect scalable data collection pipelines to ingest AD logs, events, and metadata
  • Build real-time and batch processing systems for AD security data analysis
  • Implement advanced correlation engines to identify complex attack patterns across AD infrastructure
Active Directory Security Research
  • Research emerging threats and attack vectors targeting Active Directory environments
  • Develop detection algorithms for AD-specific attacks (Golden Ticket, Silver Ticket, DCSync, Kerberoasting, etc.)
  • Analyze AD attack paths and privilege escalation techniques
  • Create behavioral baselines for normal AD operations to improve anomaly detection
Graph Data Analysis & Implementation
  • Design and implement graph-based data models representing AD relationships and trust structures
  • Develop graph algorithms to identify suspicious access patterns and lateral movement
  • Build graph traversal queries to detect attack paths and privilege escalation chains
  • Optimize graph database performance for large-scale AD environments
Detection Engineering
  • Create high-fidelity detection rules and signatures for AD-based threats
  • Develop machine learning models for behavioral analysis of AD users, computers, and services
  • Build automated threat hunting workflows and investigation playbooks
  • Implement alert correlation and de-duplication mechanisms to reduce false positives
Required Qualifications

Technical Expertise
  • 5+ years of experience in cybersecurity research and development
  • 3+ years of hands-on experience with Active Directory security and administration
  • Strong expertise with graph databases (Neo4j, Amazon Neptune, Azure Cosmos DB, etc.)
  • Proficiency in graph query languages (Cypher, Gremlin, SPARQL)
  • Advanced programming skills in Python, C#, PowerShell, or Java
  • Experience with big data technologies (Elasticsearch, Apache Kafka, Apache Spark)
Security Knowledge
  • Deep understanding of Active Directory architecture, protocols (Kerberos, LDAP, NTLM), and security models
  • Extensive knowledge of AD attack techniques and MITRE ATT&CK framework
  • Experience with Windows event log analysis and forensics
  • Understanding of enterprise security monitoring and SIEM platforms
  • Knowledge of threat intelligence and IOC management
Development Skills
  • Experience building scalable, distributed systems
  • Proficiency with cloud platforms (AWS, Azure, GCP) and containerization (Docker, Kubernetes)
  • Knowledge of API development and microservices architecture
  • Experience with CI/CD pipelines and DevSecOps practices
  • Database design and optimization experience
Preferred Qualifications
  • Advanced degree in Computer Science, Cybersecurity, or related field
  • Security certifications such as CISSP, GCIH, GREM, or equivalent
  • Experience with commercial SIEM platforms (Splunk, QRadar, Sentinel, etc.)
  • Knowledge of machine learning and data science techniques for security analytics
  • Experience with threat hunting and incident response
  • Contributions to open-source security tools or research publications
  • Knowledge of compliance frameworks (SOX, PCI-DSS, HIPAA)
What You'll Work On

Core SIEM Platform
  • Build data connectors for various AD log sources (Domain Controllers, ADFS, ADCS, DNS)
  • Develop real-time event processing and enrichment capabilities
  • Create intuitive dashboards and visualization tools for security analysts
  • Implement automated response and remediation workflows
Advanced Analytics Engine
  • Design graph-based models to represent AD relationships and dependencies
  • Build algorithms to detect anomalous patterns in user behavior and system access
  • Develop predictive models for identifying potential security incidents
  • Create automated threat hunting capabilities using graph traversal techniques
Research & Innovation
  • Stay current with emerging AD security threats and defensive techniques
  • Prototype new detection methods and proof-of-concept security tools
  • Collaborate with threat intelligence teams to incorporate external feeds
  • Publish research findings and present at security conferences
Technical Environment
  • Languages: Python, C#, PowerShell, JavaScript/TypeScript
  • Databases: Neo4j, Elasticsearch, SQL Server, PostgreSQL
  • Platforms: Windows Server, Linux, Azure, AWS
  • Tools: Splunk, ELK Stack, Apache Kafka, Docker, Kubernetes
  • Methodologies: Agile/Scrum, DevSecOps, Test-Driven Development
Team & Culture

Join a collaborative team of security researchers, data scientists, and engineers passionate about advancing cybersecurity defense capabilities. We foster innovation, continuous learning, and knowledge sharing while maintaining a focus on practical security outcomes.

Job Details
  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: Software Development
