Head of Malware Research & Engineering

We are looking for an Engineering Leader to manage a critical security-focused engineering function, leading multiple teams responsible for threat detection, file analysis, and large-scale cloud processing.

Key Responsibilities

Product & Strategy

• Introduce, own, and constantly improve key metrics for antivirus products.
• Define and prioritize the product roadmap across all three teams.
• Drive product initiatives to achieve challenging key metrics.
• Collaborate with Product Management on VIP customer requirements and competitive analysis.
• Introduce more AI tools & instruments within the malware detection lifecycle.

Technical Leadership & Architecture

• Own the end-to-end malware detection pipeline: from file ingestion through cloud analysis to on-server verdict delivery and cleanup.
• Drive architectural decisions for distributed data processing (Airflow DAGs, async Python, ClickHouse, MongoDB, Redis, Kafka).
• Oversee migration and modernization initiatives (e.g., AI malware analysis, AI rules creation).
• Design and implement performance optimizations for cloud processing throughput (10M+ brand new samples added daily).
• Manage infrastructure capacity planning: compute nodes, Ceph storage clusters, database scaling.

People Management

• Lead engineering and security research teams across multiple time zones.
• Hire, mentor, and grow engineers and team leaders for 3 teams.
• Coordinate cross-team dependencies with QA, Infrastructure, and Support teams.

Operational Excellence

• Ensure signature release quality through automated testing pipelines.
• Monitor and improve detection rates, false positive rates, and cleanup success metrics.
• Respond to production incidents (certificate expiries, infrastructure failures, processing bottlenecks).
• Manage vendor and partner technical integrations.

Must have

• Past experience leading security products/labs with researchers.
• 8+ years of software engineering experience, with 3+ years in a management role leading multiple teams.
• Deep expertise in malware analysis and antivirus technologies: static/dynamic analysis, signature-based detection, heuristic engines, file classification.
• Strong background in distributed systems and data engineering: experience with workflow orchestration (Airflow, Luigi, or similar), message queues (Kafka, RabbitMQ), and large-scale data processing.
• Experience with infrastructure at scale: managing compute clusters, storage systems (Ceph, S3), databases (ClickHouse, MongoDB, PostgreSQL, Redis).
• Strong understanding of CI/CD pipelines: Jenkins, GitLab CI, containerized deployments (Docker).
• Experience with monitoring and observability: Grafana, Sentry, log aggregation.

Nice to have

• Experience in the web hosting security domain (cPanel, Plesk, shared hosting environments).
• Background in machine learning applied to malware detection (transformers, LLMs for code analysis).
• Experience with GCP (Secret Manager, Cloud Storage).
• Familiarity with PHP internals and PHP emulation for dynamic analysis.
• Track record of building and scaling cloud antivirus / threat intelligence platforms.
• Experience managing geographically distributed teams.

Technical Stack

• Languages: Python (primary), Rust, PHP, SQL.
• Orchestration: Apache Airflow, Celery, Redis.
• Databases: ClickHouse, MongoDB, PostgreSQL, Redis.
• Storage: Ceph, S3-compatible storage.
• Infrastructure: Bare metal (Atman DC), Nebula, Docker, GCP.
• CI/CD: Jenkins, GitLab.
• Monitoring: Grafana, Redash, Sentry.