Sr. Threat Researcher

SENIOR THREAT RESEARCHER

CLIENT: USA-BASED; REMOTE

SHIFT: NIGHT / GRAVEYARD PHT

TYPE: FULL TIME; INDEPENDENT CONTRACTOR

As a Sr. Threat Researcher, you will join our Managed Threat Intelligence group, a world-class team focused on generating actionable threat intelligence findings for clients of Managed Services. With a core focus on building out an intelligence platform, this role helps clients fully understand the nature of the threats targeting them and provides critical intelligence to help clients most effectively prioritize aspects of their defensive posture.

WHAT YOU'LL DO

• Actively research a variety of cyber threats using technical analysis techniques, data analysis, and both open-source and deep/dark web intelligence gathering.
• Participate in a peer review process of intelligence deliverables by providing notes and constructive feedback.
• Analyze threats to identify novel adversary capabilities, tactics, techniques, and procedures.
• Conduct data analysis to identify notable trends and activity groups in email-delivered, Account Takeover, and Digital Impersonation activity across the cybercrime ecosystem.
• Monitor previously identified activity groups over time to track activity and evolution in their behavior.
• Develop infrastructure for Threat Intelligence platform
• Other duties as assigned.

QUALIFICATIONS

• 8+ years in security operations, or 3-5 years in intelligence analysis or investigative journalism.
• Strong understanding of social engineering techniques, phishing threats, and digital impersonation tactics.
• Fluent in reading web-based scripting languages including HTML, PHP, and JavaScript.
• Strong static and dynamic analysis skills with an emphasis on web applications
• Exceptionally strong analytical reasoning, problem solving, and decision-making skills.
• Experience analyzing email-based threats, including familiarity with SMTP and email header analysis.
• Exceptional research skills using both OSINT and private threat data.
• Proficiency querying both relational and non-relational databases.
• Strong experience with creating pattern matching signatures (Regex, YARA) and using querying languages (KQL, SQL).
• Ability to work independently and effectively as part of a remote team with minimal supervision.
• Relentless curiosity and desire to self-develop in order to keep up with the evolving threat landscape.
• Advanced scripting knowledge, and a passion for automating routine or repetitive tasks. Python knowledge required.
• Proficiency with web-application penetration testing principles. Note: this job is not a pen-testing role.
• Proficiency analyzing web traffic using Wireshark, developer tools, or other mechanisms.
• Experience deobfuscating code to facilitate analysis.
• Able to effectively develop intelligence requirements to an RFI via interaction with stakeholders.
• Familiarity with GitOps, systems architecture, and Object-Oriented design patterns 

Work from Home Requirements:

1.  Internet Connection: Must have a minimum of 50mbps main AND backup internet connection at home
2. Computer/Laptop: The contractor must have a working computer from home. 
3. Dual Monitors: Must have a 2nd monitor
4. Headsets: The Contractor must have a Noise Canceling Headset
5. Dedicated Home Office - Contractors are required to have a dedicated home office free from noise and distractions. 
6. WebCam
7. Must be comfortable in using a timetracker