Security Researcher

The Job

The Security Researcher is responsible for independently developing, validating, and

maintaining SIEM detections aligned with real-world adversary behaviors. This role

translates threat intelligence into actionable detection logic and continuously improves

detection coverage and signal quality. You will contribute directly to production-ready

detection content and help strengthen Guardsix’s detection capabilities through research-

driven insights and operational impact.

What You Will Be Doing:

• Design, implement, and maintain SIEM detection rules and correlation logic.
• Translate threat intelligence into detection hypotheses and validate against telemetry.
• Analyze logs across endpoint, network, cloud, and security devices.
• Perform detection tuning to reduce false positives and improve detection fidelity.
• Identify detection gaps and propose new detection use cases.
• Map detections to MITRE ATT&CK techniques and maintain coverage tracking.
• Develop dashboards, alerts, and reports within the SIEM platform.
• Perform vulnerability analysis and integrate findings into detection strategies.
• Maintain awareness of evolving threats, attacker techniques, and industry developments.
• Collaborate with Product and Engineering teams to ensure detection usability and effectiveness.
• Contribute to research outputs and internal threat advisories.
• Document the detection lifecycle (design → validation → tuning → maintenance).

What you bring to the table:

• Strong ownership of detection areas with an outcome-driven mindset.Collaborative and solution-oriented approach when working across teams.
• Curiosity and continuous learning attitude towards evolving threats and technologies.
• Ability to clearly communicate technical decisions and detection logic.
• Accountability and commitment to delivering high-quality detection outcomes.

Your skills and experience:

• 2–4 years of experience in security research, detection engineering, or SOC operations
• Hands-on experience with SIEM platforms, detection rule development, and log analysis
• Proficiency in scripting languages such as Python, Bash, or PowerShell
• Strong understanding of operating systems, network protocols, and security telemetry (endpoint, network, cloud, identity, email)
• Familiarity with security tools (SIEM, IDS/IPS, EDR), testing tools (Wireshark, Nmap, Metasploit, OWASP ZAP), and frameworks (MITRE ATT&CK, NIST, CIS, OWASP, CVE, STIX/TAXII)

Discover the perks of working with us:

• Competitive Compensation & Financial Security: Competitive pay, festive allowance, SSF.
• Health and Wellness: Medical insurance for you and your family, fitness facilities, and well-being programs.
• Work-Life Balance: Generous leave policies, mandatory vacation, and a five-day work week.
• Flexible Work Options: Work-from-home facility and company-provided meals.
• Professional Growth: Learning & Development support, certifications, and career advancement opportunities.
• Inclusive Culture: Diverse, international environment with a focus on equal opportunity.
• Recognition: Reward and recognition programs.

Why you would love working at Guardsix:

We’re on a growth journey, we offer a challenging and exciting international work environment on the cutting edge of cybersecurity technology. We strive to deliver outstanding results in a positive, collaborative, and inclusive atmosphere with great opportunities for personal growth and development.

At the heart of everything we do is our values: Collaboration, Passion and Impact. These values are not just words but our way of living. By design, we push to create a culture that is dynamic, positive, and contagious. Where each person can show up as their true self, knowing they are valued, heard, and respected.

Here at Guardsix, you won’t just be solving technical problems, but as a part of our diverse and passionate global team, you’ll be joining a company dedicated to shaping the future of cybersecurity solutions.

Get to know Guardsix:

Headquartered in Copenhagen, Denmark, with offices across Europe, the USA, and Asia, Guardsix is a multinational and multicultural cybersecurity company. Guardsix safeguards society in a digital world by helping customers and Managed Security Service Providers (MSSPs) detect cyberattacks. Combining reliable technology with a deep understanding of cybersecurity challenges, we make security operations easier, giving organizations the freedom to progress.

We’re on a mission. We want to detect every cyberattack. It’s a bold mission. Some might even say it cannot be done. We’re aiming to prove otherwise. Guardsix’s SIEM and NDR technologies improve visibility and give a multi-layered approach to cybersecurity that helps customers and MSSPs navigate the complex threat landscape.

Ready to apply?

We are interviewing candidates on an ongoing basis, so click “Apply for This Job”, and we will get back to you directly.

If you have any questions about this position, please send an email to the People and Culture Team at np-hr@guardsix.com.