Job Description

Job Purpose:

Lead the research, design, and development of an AI-Augmented Unified Security Framework (AI-USF) that integrates Zero Trust Network Architecture (ZTNA), Identity & Access Management (IAM), and AI-driven behavioural intelligence.

Conduct experiments involving privilege escalation, fileless malware detection, and backdoor/C2 behavioural analysis, utilizing memory forensics, command-sequence analytics, and code-level anomaly modelling.

Develop datasets, ML models, and detection engines that fuse network telemetry, identity logs, behavioural patterns, and runtime code activity into a unified detection pipeline.

Validate the architecture and models using simulated enterprise environments, red-team scenarios, and real-world threat samples.

Required Qualification:

Master's or Ph.D. in Cybersecurity, Computer Science, Information Security, Network Engineering, or a related field.

Research background in Zero Trust, IAM systems, behavioural AI, or malware analysis.

Strong understanding of enterprise security architectures and modern threat landscapes (fileless malware, identity-based attacks, backdoors).

Tools to be Familiar:

Zero Trust / Network Security:

ZTNA platforms: Istio, Envoy, OpenZiti. Micro-segmentation and policy enforcement concepts

Identity & Access Management:

IAM/PAM tools: Keycloak, Azure AD, Okta and IAM telemetry (login patterns, privilege elevation logs, token usage)

Behavioural & Malware Analysis:

Volatility Framework, PowerShell/WMI tracing, LOLBins analysis and Red-team/malware labs: CALDERA, Atomic Red Team

AI / ML / Code Analysis:

Python, TensorFlow, PyTorch, CodeQL, Semgrep, Graph Neural Networks, LSTM, Autoencoders, AST/CFG-based static analysis

Data Engineering & Processing:

Pandas, NumPy, Log parsing, memory-dump analysis, Dataset generation and preprocessing workflows

Required Experience

2+ years of hands-on experience in cybersecurity research, malware analysis, threat detection, or IAM/ZTNA modelling.

Prior work involving: Privilege escalation analysis, Fileless malware or memory-resident threat detection and Backdoor/C2 behavioural investigation

Experience building or evaluating ML-based intrusion or abnormal-behaviour detection systems.

Familiarity with federated learning, adversarial ML, or graph-based security analytics is highly desirable.

Required Knowledge/Skills

Strong grasp of Zero Trust principles: continuous verification, micro-segmentation, dynamic policies.

Deep understanding of identity, privilege, and access behaviour, including authentication patterns, entitlement graphs, and token misuse.

Knowledge of fileless malware techniques (PowerShell chains, reflective DLL injection, LOLBins).

Ability to perform memory forensics, identify behavioural indicators of compromise, and analyse in-memory execution traces.

Competence in code-level security analysis, including AST-based anomaly detection, logic-bomb identification, and concealed backdoor pattern recognition.

Expertise in security-focused ML: anomaly detection, sequence models, GNNs, representation learning.

Ability to design reproducible, academically rigorous research pipelines.

Design the AI-USF architecture, integrating ZTNA, IAM analytics, code-level AI models, and dynamic trust scoring mechanisms.

Build datasets from IAM logs, privilege escalation events, memory dumps, PowerShell/LOLBins traces, and code repositories.

Implement detection models for: Abnormal privilege usage and lateral movement, Fileless malware behavioural signatures, Backdoor and C2 logic anomalies in source code

Develop cross-layer correlation pipelines fusing: Network trust signals, Identity behaviour, Memory/runtime behaviour and Code-level semantics

Construct a Dynamic Trust Engine (DTE) to evaluate real-time trust and trigger enforcement actions (revocation, isolation, blocking).

Conduct red-team simulations involving privilege escalation, token hijacking, in-memory malware, and stealth backdoors.

Evaluate the research outcomes using accuracy/F1, false positives, MTTD, and trust-decision effectiveness.

Document all methodologies, datasets, architectural decisions, experimental results, and reproducibility steps.

Gray

+91 95661 33822

Job Types: Freelance, Volunteer
Contract length: 2 months

Pay: From ?5,000.00 per month

Work Location: Remote