Senior Threat and Detections Researcher

US Remote

Applications have closed


We help organizations succeed with Apple providing ability to manage Apple devices, connect users to resources and protect your business from cyber threats.

View company page

At Jamf, people are at the core of everything we do. We do what’s right for our customers, our employees, our communities and our world. We take pride in simplifying technology for tens of thousands of customers around the globe and helping organizations succeed with Apple.


Jamf operates as a choice-based office model. Choose to work in the office, connect 100% remote from your home, or find the blend that works best for you.


What you’ll do at Jamf:

The Senior Threat and Detections Researcher focuses on finding new ways to detect malicious activity inside of Jamf customer environments. Using various existing technologies as well as in-house tooling they will create new and innovative ways to lead threat research in the macOS space. From the monitoring of indicators of compromise to the creation of the more experimental behavioral based detections, researchers will have access to cutting-edge technology only found within the Jamf Threat Labs team. At the senior level the hired employee is expected to help train other members on the team on all responsibilities and skillsets listed below.


What you can expect to do in this role:

  • Write and manage host based macOS detections at the endpoint level
  • Perform analysis of detections to determine accuracy and precisions and tune detections accordingly based on results
  • Research new ways to detect malicious activity on macOS using a wide variety of custom-built tooling
  • Manage malware signatures to detect known threats on the macOS platform.
  • Stay up to date on the latest malware trends on macOS and design detections accordingly
  • Development of tools using python or other scripting languages to assist in day to day tasks
  • Research macOS system internals to find and report new vulnerabilities
  • Develop public facing material for important research developed while investigating newly discovered malware techniques and system internal findings
  • Train others on system internals and malware signature development
  • Assists in the management, organization, and prioritization of team efforts and goals
  • Serves as a technical resource for the team with regards to best practices and technical approach
  • Builds a deep understanding of workflows that make Jamf customers successful and apply that knowledge to ensuring the quality of each release 

What we are looking for:

  • Minimum 5 years experience in cyber security and intrusion detection (Required)
  • Minimum 5 years experience with endpoint detection software (Required)
  • Minimum 3 years experience in incident response (Required)
  • Experience with static and dynamic reverse engineering (Required)
  • Strong interest in macOS security (Required)
  • Strong experience with detecting malware using Yara rules
  • Experience with scripting or programming languages such as Bash, Python, Ruby, Objective-C or Swift
  • Experience with GitHub and Git
  • Customer value focus with the ability to quickly iterate based on emerging threats and customer feedback.
  • Solution focused ability working collaboratively in a fast-paced, agile environment
  • High school Diploma /GED (Required)
  • 4 year / Bachelor's Degree (Preferred)

Why Jamf?

  • Jamf Protect has received the honor of Endpoint Security Solution of the Year inCyberSecurity Breakthrough Awards, 2022.
  • Jamf Protect received the Security Software Solution of the Year, and Jamf Threat Defense has earned the title of Mobile Security Solution of the Year, in the 2022 Computer Security Awards.
  • You will have the opportunity to make a real and meaningful impact for more than 70,000 global customers with the best Apple device management solution in the world.
  • We put people over profits – which is why our customers keep coming back to us.
  • Our volunteer time off allows employees to support and give back to our communities.
  • We encourage you to simply be you. We constantly seek and value different perspectives to ensure Jamf is a place where everyone feels comfortable and can be successful.
  • 22 of 25 world’s most valuable brands rely on Jamf to do their best work (as ranked by Forbes).
  • Over 100,000 Jamf Nation users, the largest online IT community in the world.


JAMF is an equal opportunity employer and does not discriminate with regard to race, color, national origin, age, religion, disability, gender, sexual orientation, gender identity, genetic information, familial status, marital status, military status, or any other characteristics protected by federal, state, and local applicable fair employment practices laws.

The requirements and demands in this description represent those that must be met by an employee to successfully perform the functions of this job.  This is not intended to be an exhaustive list of all responsibilities, skills, efforts, or working conditions associated with the job, rather it is intended to be a reflection of those essential for recruitment and selection, for making fair job evaluations and for establishing performance expectations. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.  

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. This document does not create an employment contract, implied or otherwise. It does not alter the "at will" employment relationship between the company and the employee.   

What is a Jamf?
You go above and beyond for others, are willing to help, and support the team around you. You value and learn from different perspectives. You are curious and resourceful, a problem-solver, self-driven and constantly improving. You are excited by not knowing what may lie ahead. You are willing to take risks, try new things, even fail just to do it better next time. You’re not a jerk. You are someone who cares about doing the right thing.

What does Jamf do?
Jamf extends the legendary Apple experience people enjoy in their personal lives to the workplace. We believe the experience of using a device at work or school should feel the same, and be as secure as, using a personal device. With Jamf, IT and security teams are able to confidently manage and protect Mac, iPad, iPhone and Apple TV devices, easing the burden of updating, deploying and securing the data used by their end-users. Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end-users love and organizations trust.


We are free-thinkers, can-doers and problem crushers with a passion for helping customers empower their workforce to focus on their jobs, not the hassles of managing technology – freeing nurses to care, teachers to teach and businesses to thrive. We have over 2,500 employees worldwide who are encouraged to bring their whole selves to work each and every day.


Get social with us and follow the conversation at #OneJamf



* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Bash C Endpoint security GitHub Incident response Intrusion detection Jamf MacOS Malware Mobile security Monitoring Python Reverse engineering Ruby Scripting Threat Research Vulnerabilities

Regions: Remote/Anywhere North America
Country: United States
Job stats:  39  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.