4 Honeypot Jobs

Acronis is revolutionizing cyber protection—providing natively integrated, all-in-one solutions that monitor, control, and protect the data that businesses and lives depend on. We are looking for a TRU Researcher to join our mission to create a #CyberFit future and protect all data, applications and systems across any environment. We are seeking a skilled and driven Threat Researcher to join Acronis’ Threat Research Unit. This exciting opportunity offers you the chance to play a key role in proactively defending Acronis customers against evolving cyber threats. As part of our expert team, you will engage in cutting-edge research and collaborate on high-profile security incidents. What You’ll Do Conduct in-depth research and actively hunt for both emerging and existing cyber threats, attack techniques, and malware. Generate original research leads through exploratory data analysis, pivoting on indicators, and investigating anomalous or low-prevalence activity patterns. Develop automation tools to gather malware and threat intelligence data from diverse sources such as product telemetry, the Dark Web, and honeypots. Manage and populate threat intelligence databases with the data collected. Track and attribute emerging TTPs and campaigns across malware families, threat actors, and regions. Perform reverse engineering of malware and identify novel obfuscation, packer, and C2 techniques to enrich intelligence feeds and produce unique detection content. Lead the production of actionable threat intelligence tailored to internal detection teams, external partners, and public-facing reports. Maintain, expand, and enrich Acronis’ internal threat intelligence platforms and hunting capabilities, including malware collection pipelines, dark web scrapers, and honeypot networks. Represent Acronis in the threat intelligence community: publish cutting-edge research, participate in coordinated disclosures, and present findings at leading industry conferences. What You Bring A minimum of 3 years experience in threat intelligence, threat hunting, or malware research roles with demonstrable hands-on investigations. In-depth understanding of the threat landscape, MITRE ATT&CK, malware TTP tracking, and actor profiling. Proficiency in static and dynamic malware analysis, as well as reverse engineering using tools such as IDA Pro and Ghidra. Solid knowledge of the TCP/IP network stack, with experience using network analysis tools like Suricata, Zeek, and Wireshark. Strong understanding of Windows and Linux operating systems, including their architecture and internals. Excellent analytical, problem-solving, and critical thinking abilities. Strong written and verbal communication skills, with the ability to present complex technical information to both technical and non-technical audiences. Proficiency in English. Preferred Qualifications Hands-on experience developing custom threat hunting or enrichment tools in Python, Go, or similar languages. Experience discovering new malware variants or infrastructure through passive DNS, WHOIS, TLS certificate analysis, or OSINT. Working knowledge of Chinese languages is a plus. Who We Are Acronis is a global cyber protection company that provides natively integrated cybersecurity, data protection, and endpoint management for managed service providers (MSPs), small and medium businesses (SMBs), enterprise IT departments and home users. Our all-in-one solutions are highly efficient and designed to identify, prevent, detect, respond, remediate, and recover from modern cyberthreats with minimal downtime, ensuring data integrity and business continuity. We offer the most comprehensive security solution on the market for MSPs with our unique ability to meet the needs of diverse and distributed IT environments. A Swiss company founded in Singapore in 2003, Acronis offers over twenty years of innovation with 15 offices worldwide and more than 1800 employees in 50+ countries. Acronis Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses. Our corporate culture is focused on making a positive impact on the lives of each employee and the communities we serve. Mutual trust, respect and belief that we can contribute to the world everyday are the cornerstones of our team. Each member of our “A-Team” plays an instrumental role in driving the success of our innovative and expanding business. We seek individuals who excel in dynamic, global environments and have a never give up attitude, contributing to our collective growth and impact. Acronis is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, marital status, national origin, physical or mental disability, medical condition, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, gender identity or expression, or any other characteristic protected by applicable laws, regulations and ordinances.

L3 Security Engineer / Specialist Role Overview We are looking for an experienced and hands-on L3 Security Engineer to play a key role in operating and enhancing our cybersecurity defenses. As a senior member of the security operations team, you’ll work with cutting-edge tools to detect, analyze, and respond to complex security threats. Key Responsibilities Lead the configuration, tuning, and optimization of security platforms including: Breach & Attack Simulation (BAS) tools Attack Surface Management (ASM) File Upload Security Decoy/Honeypot Systems Phishing Simulation Platforms MDM Solutions ( Mobile Device Management) Secure Backup & Ransomware Protection Network Access Control (NAC) - Cisco ISE Perform in-depth investigations of advanced threats, escalated incidents, and suspicious behavior. Collaborate with AD/Infra teams to enhance Active Directory Security posture. Support GRC teams in ensuring alignment with internal controls and regulatory standards. Develop scripts, tools, or playbooks to automate recurring processes and improve response times. Document incident response actions and maintain operational SOPs and knowledge base. Note : NAC and MDM are the primary requirements. Required Skills & Experience 5+ years of hands-on experience in cybersecurity operations or engineering. Strong technical knowledge across multiple security domains (as listed above). Proficiency in analyzing logs, alerts, and forensic data for root cause analysis. Working knowledge of SIEM, SOAR, EDR, and other security operations tools. Familiarity with scripting (e.g., Python, PowerShell) for automation is a plus. Relevant certifications (e.g., CEH, OSCP, GCIA) are advantageous.

As a Senior Kamailio (VoIP) Developer, you must take complete ownership of supporting all VoIP infrastructure, debugging issues related to specific servers or software, or remote clients such as SIP devices (both virtual such as soft-phone or WebRTC client, and physical such as a desk phone or an on-premise PBX), and providing fixes. Experience with Open Source VoIP applications such as Kamailio, OpenSIPS, FreeSWITCH, RTPEngine or RTPProxy, and open source tools such as Wireshark, sngrep, and Homer Experience with High Availability, geographically redundant, and load-balanced applications of FreeSwitch and Kamailio, with Call Center functionality, Presence, and SIP Registrations Working FreeSWITCH carrier experience to handle 10,000+ concurrent calls Good knowledge of RTP Proxy and routed audio conferences concept where media would flow via free switch RTP Proxy FreeSWITCH - Listening to all events generated by Kamailio or events from FreeSwitch such as those exposed using esl/mod_event_socket Support customers during EST timezone during critical releases or emergency incidents 5+ yrs of supporting global VoIP services and/or applications on cloud-based servers. Expertise in SIP call flow analysis and debugging Expertise in setup and maintaining SIP-based monitoring, debugging, and alerting services Experience scripting call flow, dialplan, and custom routing with FreeSwitch using LUA and XML Experience in debugging Kamailio and Freeswitch-based applications is a must Good problem-solving and analytical skills Excellent written and verbal communication Experience working with open-source projects Exposure to SIP Carrier Integration Advanced Experience with cloud media infrastructure (load balancers, gateways, SBCs, STUN, TURN) Advanced Knowledge of all modern VoIP protocols/platforms including (SIP, RTP stack & SDP, RTCP, TCP, UDP, SIP, HTTPS, SSL/TLS) Working Knowledge of Network Usage Scenarios and understanding of Internet Traffic with the general flow of Routing, Ports, Firewalls, and Packet Flow Experience with any load testing tools for FreeSwitch/Kamailio to ensure scalability and acceptable minimum load tolerances, such as automated dialplan testing, calls per second testing (CPS), transcoding validation, and playback verification Working understanding and knowledge of codecs such as PCMU, G722, and Opus and how to efficiently transcode codecs, or optimize and prevent call quality issues by signal updates for optimized codec renegotiation Ability to create and maintain geo-redundant and highly available and optimized MySQL and/or PostgresSQL based database infrastructure (with working understanding of vertical and horizontal sharding) Excellent troubleshooting skills and working knowledge of IPTables, Fail2ban, wireshark, tcpdum, sipp Understanding of SIP security such as acceptable or unacceptable requests, and how to respond/honeypot Experience with containers and automation tools such as Kubernetes, Docker, Ansible, Jenkins, Nomad. Advanced working knowledge and experience to set up and maintain a geographically redundant and highly scalable SQL backend Working experience implementing and testing HA scenarios and automated fail-over tests Experience with CloudFlare products (such as WebSockets, SIP, and RTP over Magic Transit) Experience working with AWS, GCS Kubernetes is a plus Experience with Linux, open source tools and shell scripting Experience with video conferences and video transcoding is a plus Develop and maintain automation of code deployment (AWS, k8s, CI/CD, etc.) Experience with AMQP protocol with Kamailio and FreeSwitch (such as RabbitMQ / Kafka) Experience with real-time RTP processing for transcription and predictive response handling using internal applications or third party services Show more Show less

Responsibilities Assist in Data Discovery & Classification to identify sensitive data across systems.Support File Upload Security Solutions by monitoring and analyzing file uploads for threats.Participate in Attack Surface Management (ASM) to identify and mitigate vulnerabilities.Assist in Breach & Attack Simulation (BAS) and Red Team exercises under supervision.Conduct Phishing Simulation campaigns and report on user awareness.Monitor Active Directory (AD) Security for suspicious activities.Support IT Governance, Risk & Compliance (GRC) efforts by maintaining security policies.Assist in deploying and monitoring Decoy (Honeypot) systems for threat detection.Help manage Mobile Device Management (MDM) policies and security controls.Support Secure Data Backup & Recovery (Ransomware Protection) processes.Assist in enforcing Network Access Control (NAC) policies. Qualifications2–5 years of experience in cybersecurity operations.Hands-on experience with SIEM, BAS, ASM, and NAC tools.Strong knowledge of phishing, ransomware defense, and AD security.Experience in GRC frameworks (ISO 27001, NIST and GDPR).Familiarity with honeypots, incident response, and threat intelligence.Certifications like CISSP, CISM, OSCP, or CASP+ preferred.