Threat Researcher (Bangkok Based)

Confirmed live in the last 24 hours

Agoda

Bangkok, Thailand

On-site

Posted March 30, 2026

Job Description

About Agoda

At Agoda, we bridge the world through travel. Our story began in 2005, when two lifelong friends and entrepreneurs, driven by their passion for travel, launched Agoda to make it easier for everyone to explore the world.

Today, we are part of Booking Holdings [NASDAQ: BKNG], with a diverse team of over 7,000 people from 90 countries, working together in offices around the globe. Every day, we connect people to destinations and experiences, with our great deals across our millions of hotels and holiday properties, flights, and experiences worldwide.

No two days are the same at Agoda. Data and technology are at the heart of our culture, fueling our curiosity and innovation. If you’re ready to begin your best journey and help build travel for the world, join us.

You will be immersed in research involving the very latest cyber threats and unprecedented attacks, specifically those targeting the travel sector. Tracking these hacker groups and their evolving tactics will be a pivotal aspect of your role. Given the nature of such challenges, which change on a weekly basis, innovative and outside-the-box solutions are not just encouraged, they are a necessity.

In this role, you’ll get to:

Hunting to find undetected malware, DLP threats and API weaknesses.
Replicate malware in isolated environment and check security posture, and advice improvements.
Ability to identify TTPs used, malware family and threat actors based from attack information.
Proactively automate repetitive tasks—including threat hunting, identifying detection gaps, and other routine workflows, and leverage AI in these automations wherever possible.
Author custom detection rules to provide extra layer of security besides products.
Analyze each step of the attack cycle and come up with detection ideas to mitigate them.
Ability to document and produce research content in form of reports.
Follow in the wild attacks and tricks on a daily basis, and protect Agoda against these attacks in form of attack surface reduction / hunt rules.

What you'll Need to Succeed:

Bachelors in Computer Science or related degree.
Experience 2-5 years in cybersecurity research.
Malware analysis (static and behavioral), network PCAP and memory analysis.
Scripting knowledge (Python, PowerShell), Jupyter notebooks and working with no-code flows for automation.
Fundamentals of malware and phishing attacks.
Able to separate malicious behavior from clean activity in SIEM logs
Demonstration of published research in public domain is a big plus (Whitepapers, Blogs, GitHub etc.)
Good at pattern recognition and thinking out of the box solutions.
Passionate with fighting Cybercriminals, and up to date with latest security news.
Good communication skills in English to communicate security risks to other teams.

#sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #hongkong #budapest #jakarta #bali #dublin #telaviv #milan #rome #venice #florence #naples #turin #palermo #bologna #tokyo #osaka #kualalumpur #malta #amsterdam #oslo #manila #warsaw #krakow #doha #alrayyan #riyadh #jeddah #mecca #medina #singapore #seoul #barcelona #madrid #stockholm #zurich #taipei #tainan #taichung #kaohsiung #bangkok #Phuket #istanbul #london #manchester #liverpool #edinburgh #hcmc #hanoi #lodz #wroclaw #poznan #katowice #rio #salvador #newdelhi #bangalore #bandung #yokohama #nagoya #okinawa #fukuoka #jerusalem #IT #4 #LI-RS1