Threat Researcher
HQ, US Remote
Applications have closed
Armorblox
Stop BEC, targeted phishing attacks, and data loss with Armorblox, an email security solution powered by Natural Language Understanding and Machine Learning. We help organizations communicate more securely over email and other cloud office applications with the power of Natural Language Understanding (NLU). The Armorblox platform connects over APIs and analyzes thousands of signals to understand who users are, what they do, and how they communicate. With this context, Armorblox can stop advanced email attacks like business email compromise, and also help organizations stay compliant by protecting their sensitive data from falling into the wrong hands. Security teams also become more proactive after using Armorblox because the platform automates away most of the manual and repetitive tasks involved in responding to user-reported email threats.
We create the VERY BEST People-first Company Culture through thoughtful programs that elevate and engage our People. We are proud to have an industry-leading product, a gender score that ranks in the top 20%, and a diversity score that ranks in the top 30%. We are honored that Armorblox was awarded Great Place to Work, Omni Award for Outstanding Wellbeing and Benefits, Best Company Leadership, Best CEOs for Diversity, and Best Company Compensation, was featured in the 2019 Forbes AI 50 list, and was named a 2020 Gartner Cool Vendor in Cloud Office Security. Founded in 2017, Armorblox is headquartered in Sunnyvale, CA and backed by the very best investors in Silicon Valley including General Catalyst and Next47.
Our Threat Intelligence team is dedicated to defending our customers by cutting through the noise, identifying new patterns of attacks, and codifying them into our machines by working alongside our Data Science team. You will be one of the first hires to join a broader team that includes those who have faced nation state, eCrime, and other types of adversaries in a threat intelligence, incident response, and/or threat detection function in past lives. Our mission is to stop bad actors that use emails as an avenue to penetrate organizations.
If you read this and think, this is me - then let’s talk! We would love to connect with you.
What cool things will you do?
- You will analyze abuse reports, new TTPs and report on new and emerging threats to our customers.
- You will be hands-on performing research across multiple data sets during investigations and work with the Data Science and Engineering teams to produce this. This analysis will extract attacker TTPs, uncover unique attributes of their TTPs, and build attacker profiles with this data.
- You will also be part of our marketing efforts to raise awareness about new TTPs to the broader intelligence sharing initiatives.
- You will be a critical part of the security organization, ensuring not only Armorblox security, but our partners’ trust of our environment and our platforms.
Why are you the perfect fit?
- You have first-hand knowledge of how advanced adversaries operate and their tactics, techniques, and procedures (TTPs)
- You have an understanding of existing and emerging threats to an organization spanning multiple industries and threat profiles
- A capable communicator, you are able to engage others in the business at multiple levels to translate threat research into actionable recommendations to shape the business
- You can identify patterns and trends across various data sources and distill findings concisely
Oh, and a few more things...here are some requirements we are looking for
- Experience conducting and correlating threat research using OSINT, incident response engagement data, and proprietary tools, and producing intelligence products
- 2+ years as an intelligence researcher, tracking attackers through network and endpoint artifacts.
- Experience with python, basic scripting, database tooling, and using automation platforms
- Experience with security analysis tools (Jupyter notebooks, Splunk, ElasticSearch, etc)
- Experience with threats in AWS, Microsoft Azure, and Google Cloud
- Experience with hunting/IR tools used for host and network analysis
- Experience using Threat Intelligence Platforms, and building integrations with these platforms
- Familiarity with reverse engineering or malware research
Our People are our most important asset. We believe in recruiting the best talent that enhances our culture, embodies our values and empowers Armorblox. We center our programs and initiatives around our People and are committed to an inclusive and diverse team through programs and initiatives, equal pay, competitive benefits, and more.
Armorblox is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran, genetic information, marital status or any other legally protected status.
Tags: APIs Automation AWS Azure Cloud Elasticsearch GCP Incident response Malware OSINT Python Reverse engineering Scripting Security analysis Splunk Threat detection Threat intelligence Threat Research TTPs
Perks/benefits: Competitive pay