Threat Researcher

HQ, US Remote

Applications have closed

Armorblox

Stop BEC, targeted phishing attacks, and data loss with Armorblox, an email security solution powered by Natural Language Understanding and Machine Learning.


Hi, we’re Armorblox!
We help organizations communicate more securely over email and other cloud office applications with the power of Natural Language Understanding (NLU). The Armorblox platform connects over APIs and analyzes thousands of signals to understand who users are, what they do, and how they communicate. With this context, Armorblox can stop advanced email attacks like business email compromise, and also help organizations stay compliant by protecting their sensitive data from falling into the wrong hands. Security teams also become more proactive after using Armorblox because the platform automates away most of the manual and repetitive tasks involved in responding to user-reported email threats.
We create the VERY BEST People-first Company Culture through thoughtful programs that elevate and engage our People. We are proud to have an industry-leading product, a gender score that ranks in the top 20%, and a diversity score that ranks in the top 30%. We are honored that Armorblox was awarded Great Place to Work, Omni Award for Outstanding Wellbeing and Benefits, Best Company Leadership, Best CEOs for Diversity, and Best Company Compensation, was featured in the 2019 Forbes AI 50 list, and was named a 2020 Gartner Cool Vendor in Cloud Office Security. Founded in 2017, Armorblox is headquartered in Sunnyvale, CA and backed by the very best investors in Silicon Valley including General Catalyst and Next47.
Our Threat Intelligence team is dedicated to defending our customers by cutting through the noise, identifying new patterns of attacks, and codifying them into our machines by working alongside our Data Science team. You will be one of the first hires to join a broader team that includes those who have faced nation state, eCrime, and other types of adversaries in a threat intelligence, incident response, and/or threat detection function in past lives. Our mission is to stop bad actors that use emails as an avenue to penetrate organizations.
If you read this and think, "this is me", then let’s talk! We would love to connect with you.

What cool things will you do?

  • You will analyze abuse reports and new TTPs, and report on new and emerging threats to our customers.
  • You will be hands-on performing research across multiple data sets during investigations and work with the Data Science and Engineering teams to produce this. This analysis will extract attacker TTPs, uncover unique attributes of their TTPs, and build attacker profiles with this data.
  • You will also be part of our marketing efforts to raise awareness about new TTPs to the broader intelligence sharing initiatives.
  • You will be a critical part of the security organization, ensuring not only Armorblox security, but our partners’ trust of our environment and our platforms.

Why are you the perfect fit?

  • You have first-hand knowledge of how advanced adversaries operate and their tactics, techniques, and procedures (TTPs)
  • You have an understanding of existing and emerging threats to an organization spanning multiple industries and threat profiles
  • A capable communicator, you are able to engage others in the business at multiple levels to translate threat research into actionable recommendations to shape the business
  • You can identify patterns and trends across various data sources and distill findings concisely

Oh, and a few more things... here are some requirements we are looking for

  • Experience conducting and correlating threat research using OSINT, incident response engagement data, and proprietary tools, and producing intelligence products
  • 2+ years as an intelligence researcher, tracking attackers through network and endpoint artifacts
  • Experience with Python, basic scripting, database tooling, and using automation platforms
  • Experience with security analysis tools (Jupyter notebooks, Splunk, Elasticsearch, etc.)
  • Experience with threats in AWS, Microsoft Azure, and Google Cloud
  • Experience with hunting/IR tools used for host and network analysis
  • Experience using Threat Intelligence Platforms, and building integrations with these platforms
  • Familiarity with reverse engineering or malware research

Our People are our most important asset. We believe in recruiting the best talent that enhances our culture, embodies our values and empowers Armorblox. We center our programs and initiatives around our People and are committed to an inclusive and diverse team through programs and initiatives, equal pay, competitive benefits, and more.
Armorblox is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran, genetic information, marital status or any other legally protected status.

Tags: APIs Automation AWS Azure Cloud Elasticsearch GCP Incident response Malware OSINT Python Reverse engineering Scripting Security analysis Splunk Threat detection Threat intelligence Threat Research TTPs

Perks/benefits: Competitive pay

Regions: Remote/Anywhere North America
Country: United States