Threat Researcher

About Agoda

At Agoda, we bridge the world through travel. Our story began in 2005, when two lifelong friends and entrepreneurs, driven by their passion for travel, launched Agoda to make it easier for everyone to explore the world.

Today, we are part of Booking Holdings [NASDAQ: BKNG], with a diverse team of over 7,000 people from 90 countries, working together in offices around the globe. Every day, we connect people to destinations and experiences, with our great deals across our millions of hotels and holiday properties, flights, and experiences worldwide.

No two days are the same at Agoda. Data and technology are at the heart of our culture, fueling our curiosity and innovation. If you’re ready to begin your best journey and help build travel for the world, join us.

As a Threat Researcher, you will be immersed in research involving the very latest cyber threats and unprecedented attacks, specifically those targeting the travel sector. Tracking these hacker groups and their evolving tactics will be a pivotal aspect of your role. Given the nature of such challenges, which change on a weekly basis, innovative and outside-the-box solutions are not just encouraged, they are a necessity.

In this role, you’ll get to:

• Hunting to find undetected malware, DLP threats and API weaknesses.
• Replicate malware in isolated environment and check security posture, and advice improvements.
• Ability to identify TTPs used, malware family and threat actors based from attack information.
• Proactively automate repetitive tasks—including threat hunting, identifying detection gaps, and other routine workflows, and leverage AI in these automations wherever possible.
• Author custom detection rules to provide extra layer of security besides products.
• Analyze each step of the attack cycle and come up with detection ideas to mitigate them.
• Ability to document and produce research content in form of reports.
• Follow in the wild attacks and tricks on a daily basis, and protect Agoda against these attacks in form of attack surface reduction / hunt rules.

What you'll Need to Succeed:

• Bachelors in Computer Science or related degree.
• Experience 2-5 years in cybersecurity research.
• Malware analysis (static and behavioral), network PCAP and memory analysis.
• Scripting knowledge (Python, PowerShell), Jupyter notebooks and working with no-code flows for automation.
• Fundamentals of malware and phishing attacks.
• Able to separate malicious behavior from clean activity in SIEM logs.
• Demonstration of published research in public domain is a big plus (Whitepapers, Blogs, GitHub etc.)
• Good at pattern recognition and thinking out of box solutions.
• Passionate with fighting Cybercriminals, and up to date with latest security news.
• Good communication skills in English to communicate security risks to other teams.

Discover More About Working At Agoda

Agoda Careers https://careersatagoda.comFacebook https://www.facebook.com/agodacareers/LinkedIn https://www.linkedin.com/company/agodaYouTube https://www.youtube.com/agodalife

Equal Opportunity Employer

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

Disclaimer

We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

Key skills/competency

• Malware analysis
• Threat hunting
• Detection engineering
• Scripting (Python, PowerShell)
• SIEM log analysis
• API security
• Network forensics
• Cyber threat intelligence
• Automation
• Security posture assessment