Startup Jobs
Post a Job
Cloudlinux

Head of Malware Research & Engineering (remote-only, Europe)

Romania
full-time Remote

TLDR

Oversee three specialized teams dedicated to malware detection and analysis while driving innovations in cloud-based antivirus solutions.

CloudLinux is a global remote-first company. We are driven by our principles: do the right thing, employees first, we are remote first, and we deliver high-volume, low-cost Linux infrastructure and security products that help companies to increase the efficiency of their operations. Every person on our team supports each other and does what we can to ensure we all are successful. 

Imunify360 Security Suite is a product of CloudLinux Inc., the maker of the #1 OS in security and stability for hosting providers. Imunify is an innovative security solution designed specifically for shared and VPS/Dedicated servers. The automated, easy-to-use solution with the six-layer approach to security delivers comprehensive and complete attack prevention.

We are seeking an experienced Engineering Leader to head the Cloud Antivirus Department at Imunify360, overseeing three specialized teams that form the core of Imunify's malware detection, analysis, and cloud scanning infrastructure. This role combines deep technical expertise in malware analysis and distributed systems with strong people management and strategic product vision.

The department is responsible for protecting millions of websites on shared hostings through the Imunify360/ImunifyAV product line, processing tens of millions of files through a cloud-based antivirus pipeline, and maintaining the malware signature lifecycle from creation to deployment.


Teams Under Management

  1. Malware Team — On-server malware scanning and detection stack: signature-based and heuristic scanners, real-time file monitoring, malware cleaner, signature server, release engineering and rollout.
  2. Cloud Antivirus (CloudAV) Team — Cloud-based malware analysis infrastructure: large-scale Airflow data processing cluster (24+ nodes), PHP emulator sandbox, automated signature generation, file classification pipelines, storage and hardware capacity planning.
  3. Malware Processing Team — Malware analysis operations: sample triage, signature creation, false negative/false positive remediation, ML-assisted classification, vendor integrations, and remediation tooling.

Key Responsibilities

Product & Strategy

  • Introduce, own and constantly improve key metrics for antivirus products
  • Define and prioritize the product roadmap across all three teams
  • Drive product initiatives to achieve challenging key metrics
  • Collaborate with Product Management on VIP customer requirements and competitive analysis
  • Introduce more AI tools & instruments within malware detection lifecycle

Technical Leadership & Architecture

  • Own the end-to-end malware detection pipeline: from file ingestion through cloud analysis to on-server verdict delivery and cleanup
  • Drive architectural decisions for distributed data processing (Airflow DAGs, async Python, ClickHouse, MongoDB, Redis, Kafka)
  • Oversee migration and modernization initiatives (e.g., AI malware analysis, AI rules creation)
  • Design and implement performance optimizations for cloud processing throughput (10M+ brand new samples added daily)
  • Manage infrastructure capacity planning: compute nodes, Ceph storage clusters, database scaling

People Management

  • Lead 3 teams across multiple time zones
  • Hire, mentor, and grow engineers and team leaders for 3 teams 
  • Coordinate cross-team dependencies with Server Team, Web Protection Team, QA, Infrastructure, and Support

Operational Excellence

  • Ensure signature release quality through automated testing pipelines
  • Monitor and improve detection rates, false positive rates, and cleanup success metrics
  • Respond to production incidents (certificate expiries, infrastructure failures, processing bottlenecks)
  • Manage vendor and partner technical integrations

Goals for the First 6 Months

  1. Understand the full pipeline end-to-end: from file ingestion from clients' servers, pipelines processing in the cloud, verdict delivery, and on-server scanning/cleanup
  2. Maintain momentum on active initiatives: e.g. Rust migration
  3. Establish relationships with cross-functional stakeholders (Server Team, Web Protection Team, Product, Support, Infrastructure)
  4. Identify and address the top 3 detection quality or infrastructure bottlenecks
  5. Define the department key metrics and start tightening them to excellence

Requirements

Must have

  • Past experience leading security products / labs with / researches
  • 8+ years of software engineering experience, with 3+ years in a management role leading multiple teams
  • Deep expertise in malware analysis and antivirus technologies: static/dynamic analysis, signature-based detection, heuristic engines, file classification

Nice to have

  • Strong background in distributed systems and data engineering: experience with workflow orchestration (Airflow, Luigi, or similar), message queues (Kafka, RabbitMQ), and large-scale data processing
  • Experience with infrastructure at scale: managing compute clusters, storage systems (Ceph, S3), databases (ClickHouse, MongoDB, PostgreSQL, Redis)
  • Strong understanding of CI/CD pipelines: Jenkins, GitLab CI, containerized deployments (Docker)
  • Experience with monitoring and observability: Grafana, Sentry, log aggregation
  • Experience in the web hosting security domain (cPanel, Plesk, shared hosting environments)
  • Background in machine learning applied to malware detection (transformers, LLMs for code analysis)
  • Experience with GCP (Secret Manager, Cloud Storage)
  • Familiarity with PHP internals and PHP emulation for dynamic analysis
  • Track record of building and scaling cloud antivirus / threat intelligence platforms
  • Experience managing geographically distributed teams

Technical Stack

  • Languages: Python (primary), Rust, PHP, SQL
  • Orchestration: Apache Airflow, Celery, Redis
  • Databases: ClickHouse, MongoDB, PostgreSQL, Redis
  • Storage: Ceph, S3-compatible storage
  • Infrastructure: Bare metal (Atman DC), Nebula, Docker, GCP
  • CI/CD: Jenkins, GitLab
  • Monitoring: Grafana, Redash, Sentry

Benefits

What's in it for you?

  • A focus on professional development.
  • Interesting and challenging projects.
  • Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide.
  • Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves.
  • Compensation for private medical insurance.
  • Co-working and gym/sports reimbursement.
  • Budget for education.
  • The opportunity to receive a reward for the most innovative idea that the company can patent.

By applying for this position, you consent to the processing of your personal data as described in our Privacy Policy (https://cloudlinux.com/candidate-privacy-notice), which provides detailed information on how we maintain and handle your data.

Benefits

Flexible Work Hours

Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide.

Health Insurance

Compensation for private medical insurance.

Learning Budget

Budget for education.

Co-working and gym reimbursement

Co-working and gym/sports reimbursement.

Paid Time Off

Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves.

 Cloudlinux

CloudLinux is a global remote-first company that specializes in high-volume, low-cost Linux infrastructure and security products. Our solutions enhance operational efficiency for businesses, with products like the Imunify360 Security Suite specifically designed to secure shared and VPS/Dedicated servers.

Website LinkedIn
View all jobs
Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Head of Human Resources Q&A's
Report this job
Apply for this job