Senior Threat Intelligence Researcher

Remote - Arlington, Virginia, United States

ThreatConnect, Inc.

Posted 6 months ago

Designed by analysts but built for the entire team (security operations, threat intelligence, incident response and security leadership), ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. Centralize your intelligence, establish process consistency, scale operations, and measure your effectiveness in one place. To learn more about our threat intelligence platform (TIP) or security orchestration, automation, and response (SOAR) solutions, visit

Job Description

Calling all threat hunters, diamond modelers, and pyramid of pain climbers! The ThreatConnect Research Team is looking for a senior-level researcher with a strong background in threat intelligence analysis, particularly threat actor tracking and signature development. If you have a strong understanding of adversary tactics and techniques, and a stronger desire to use that knowledge in the fight against the adversary, come join us!

Our team is a group of threat intelligence researchers dedicated to creating actionable intelligence by identifying and exploiting attack patterns related to nation-state, criminal, and ideological cyber threats. While we share that intelligence with others to help them defend against threats, we also focus on developing, capturing, and sharing our tradecraft to help our users develop their own threat intelligence processes. As our new Senior Threat Intelligence Researcher, you will take on the following responsibilities:

  • Hunt for interesting threat activity in our data collection systems
  • Analyze threat actor capabilities and infrastructure
  • Develop tactical and strategic intelligence in ThreatConnect
  • Create, test, and document analytic techniques to make research repeatable
  • Share research findings, tradecraft, and associated signatures and detection analytics within ThreatConnect and beyond (blogs, webinars, conferences)
  • Curate and help prioritize the collected threat data
  • Teach our users about your findings and processes
  • Provide subject matter expertise to other teams to improve ThreatConnect


  • 5+ years of experience in cyber threat intelligence analysis and investigation
  • Strong understanding of threat data enrichment and pivoting as it relates to malware and network infrastructure
  • Strong verbal and written communication skills, with demonstrated works such as research, presentations, blogs, whitepapers, etc.
  • Familiarity with threat intelligence concepts and frameworks (Diamond Model, etc.)
  • Familiarity with one or more cyber security data models (ThreatConnect data model, STIX, MISP, etc.)
  • Ability to work remotely, both on independent tasks and on highly collaborative team projects
  • Ability to travel occasionally to attend conferences, deliver workshops, and participate in team onsite meetings
  • Bachelor’s degree in a work-related discipline from an accredited college or university. Equivalent experience considered

Desired Qualifications:

  • Experience in Incident Response, Security Operations, and/or supporting Computer Emergency Response Teams
  • Experience writing detection signatures such as YARA, Snort, and Sigma
  • Fluency in a foreign language
  • Industry Certifications such as GIAC/SANS or CISSP


  • 10 Paid Federal Holidays
  • Accrued Paid Time Off (PTO) for vacation/sick time
  • Your birthday off
  • Employee recognition program with quarterly awards
  • Employee referral program
  • Military leave options available
  • Paid Parental leave
  • Paid Bereavement leave
  • Education reimbursement program for job-related college courses and professional training
  • Company-provided refreshments at our headquarters
  • Quarterly events with your geographic team
  • Annual company party


  • Prescription drug coverage
  • Dental coverage
  • Vision coverage
  • Company-paid short-term and long-term disability
  • Company-paid insurance and AD&D coverage
  • Pet Insurance


  • 401K retirement savings plan with company matching program up to 6%
  • Health Savings Account
  • Flexible Spending Accounts (medical, dependent care, transit and parking)
  • Cell phone stipend