Senior Staff Threat Researcher
Remote (US/Canada)
Applications have closed
SecurityScorecard
10x your security performance with the world's most powerful, AI-driven platform that identifies and eliminates cyber risk across all of your attack surfaces.
About SecurityScorecard
SecurityScorecard is an industry-leading cybersecurity company backed by Google, Sequoia, and Riverwood. Our mission is to make the world a safer place. We measure your and your vendors' cyber-health by assigning a security rating of "A" through "F" based on outside-in, non-intrusive data. Our comprehensive security ratings, advanced data analytics, and actionable insights discover third-party vulnerabilities and security gaps in real time.
We are headquartered in NYC with 270+ employees globally, have raised over $110M USD, are used by 1,000+ enterprise customers, and rate 1.6 million companies. We have created a new category of enterprise software, and our culture has helped us be recognized as one of the 10 hottest SaaS startups in NY for two years in a row.
Our vision is to create a new language for companies and their partners to communicate, understand, and improve each other’s security posture.
About the team
The Threat Intelligence team at SecurityScorecard drives both basic and applied security research that directly and indirectly contributes to the security posture of our customers. The team has several objectives: tracking, investigating, and analyzing the latest advanced threats and campaigns affecting our customers and their vendors; developing and designing signals that can automatically highlight active threats or intrusions to customers; and advising both internal and external stakeholders up to the C-level on their security risk posture as part of threat intel's professional services.
The tight-knit SSC team brings together staff with a combination of skills ranging from fundamental cyber threat intelligence gathering, software engineering, vulnerability analysis, Internet measurement, malware research, digital forensics, machine learning and data analysis, and networking and operating systems fundamentals that all together lead to the sourcing of active threats and data that can better help SecurityScorecard's customers protect their assets, understand their vendors, and educate their staff.
This team works in tandem with other teams in Cyber Threat Research and Intelligence, as well as teams outside it, including Data Science, Attribution, Scoring, and Data Analytics and Engineering. It also publishes and communicates research with the outside world through conferences, partnerships, and organizations like the Cyber Threat Alliance.
What you will do
In this role, we are looking for an established and experienced threat hunter/threat researcher who is comfortable with ambiguity, has demonstrated expertise at the highest levels of the security community, and is self-driven and able to work in an environment where every day presents a new challenge.
The right candidate will be expected to lead and/or play a major role in the following activities:
- Tracking active campaigns from major threat actors against public, private, and government entities
- Maintaining expert knowledge of APT, ransomware, and major cybercrime TTPs
- Writing and publishing reports and then sharing with the security research community through our partnerships
- Teaching and training others in the company on the tactics and methods of tracking advanced threats
- Providing threat context and integration support to multiple SecurityScorecard products
- Analyzing technical data to extract attacker TTPs, identify unique attributes of malware, map attacker infrastructure, and pivot to related threat data
- Identifying and hunting for emerging threat activity across all internal/external sources
- Establishing standards, taxonomy, and processes for threat modeling and integration
- Performing threat research and analysis during high-severity cyber-attacks impacting SecurityScorecard customers globally
Basic Qualifications
- Has a history of public industry (BlackHat, DEFCON, ShmooCon, VirusBulletin, etc.) or applied academic security publications (USENIX Security, CCS, NDSS, S&P, etc.) related to threat hunting of criminal and Advanced Persistent Threats
- Has 7+ years of experience hunting threat actors (criminals or nation states), with specific technical experience (analysis of campaigns, malware involved, C2 servers, and CVEs exploited)
- Analysis of campaigns and actors extends beyond data breaches and traditional attacks (e.g. DDoS, public leaked credentials to network access) to sophisticated, nation-state or cybercrime-driven campaigns
- Fluent in at least one high-level programming language (Python, Ruby, JavaScript, etc.) and ability to use the experience to automate threat hunting and threat intelligence gathering activities
Preferred Experience:
- Deep experience working at a major public or large private non-government security company known for threat intelligence and Ransomware/APT tracking
- Government experience, in addition to industry experience, working with U.S. intelligence and cyber security agencies as a threat hunter is welcomed
Additional Qualifications
- Excellent communication and presentation skills with the ability to present to technical and non-technical audiences
- Exceptional written communication skills
- Strong decision-making skills with the ability to prioritize and execute
- Ability to set and manage expectations with senior stakeholders and team members
- Strong problem solving, troubleshooting, and analysis skills
- Experience working in fast-paced, often chaotic environments during major incidents
- Excellent interpersonal and teamwork skills
Benefits
We offer a competitive salary, stock options, a comprehensive benefits package, including health and dental insurance, unlimited PTO, parental leave, tuition reimbursements, and much more!
SecurityScorecard embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skillsets, ideas, and perspectives. We make hiring decisions based upon merit and do not discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.