Sr. Threat Research Analyst
RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.
We are looking for a Senior Threat Researcher to join our team in San Francisco, Kansas City, or Remote.
The RiskIQ’s Research Team’s objective is to deliver tactical intelligence to RiskIQ customers based on research into both threats and vulnerabilities impacting our customer base. The analyst will leverage RiskIQ data to surface suspicious and interesting events to highlight potential vulnerabilities that attackers could leverage as avenues of attack across our customer bases attack surface. In addition the analyst will research and track new and ongoing attack campaigns to provide actionable threat intelligence to our customers and in our platforms.
Your responsibilities will include
- Apply your analytical knowledge and understanding of threat actors and attack vectors to proactively surface, analyze, and investigate attacks and campaigns to deliver tactical threat intelligence to RiskIQ’s customer base
- Ability to analyze network based artifacts to identify unique ways of tracking and correlating threat actor activity and campaigns
- Build off open source intelligence (OSINT) reporting to provide customers focused intelligence via RiskIQ’s platform in the form of indicators of compromise, threat intelligence projects and attack surface insights.
- Leverage the RiskIQ global collection grid to conduct investigations into specific threat actors of interest and develop original reporting for our Threat Intelligence Portal, highlighting our data collection and detection capabilities
- Leverage the RiskIQ global collection grid to deliver reporting on emerging threats and security trends
- Produce short form intelligence deliverables for use in customer briefings, trainings, and public facing blog posts
- Enable & increase RiskIQ’s ongoing detection efforts by discovering unique attack attributes, building custom detection rules, and surfacing new and ongoing attack campaigns
- Ability to work across a cross functional and distributed team of engineers, data scientists, security researchers, and analysts to deliver new capabilities and reporting
- 5+years experience conducting research into cybercrime and/or espionage campaigns
- Strong understanding of current threat landscape, recent attack campaigns, actors and the tools, tactics, and techniques used to successfully target and compromise organization
- Proficient in a programming or scripting languages such as Java, Python, Perl, etc
- Highly curious, Self motivated, and Self directed individual who can operate with high level guidance
- Analytical mindset and passion for digging through data to surface events of interest
- Excellent verbal, written, and interpersonal communications skill with the ability to concisely communicate and present technical and analytical findings across a broad spectrum of customers
- Experience developing scripts and tools to enable analysis of large data sets using python or other scripting languages
- Ability to conduct malware analysis and analyze network traffic associated with advanced attack campaigns
Why work at RiskIQ?
- Fascinating work - Welcome to the dark underbelly of the Internet. RiskIQ’s ability to help organizations map and monitor their attack surface, detect internet-scale threats, and investigate adversaries led to skyrocketing adoption by security teams around the world. It is the golden age of internet crime, and we are at the forefront of defensive efforts to stem the tide. Internet security is a global growth industry, and the knowledge you acquire here will be a marketable skill for decades to come.
- We’re a company on the forefront of a burgeoning industry - RiskIQ experienced explosive growth in 2018, including a 362.5 percent increase in net new product sales due to the steady adoption of attack surface management across the world. We also experienced a 365 percent increase in registration for RiskIQ community, our freemium entry-level product, showing the increasing role of security outside the firewall to the growth of businesses.
- Top Leadership - Our CEO is a renowned cybersecurity veteran known for his expertise. Our leadership group is poised and experienced with a track record in technology and cybersecurity.
- Unbounded opportunity - We’re growing! At RiskIQ, you’ll be provided with as much responsibility as you can handle—new career development opportunities constantly arise given our rate of growth.
- Flexibility - You’ll have a large workload, but also the freedom to accomplish it on your own terms.