Role Summary
A Senior Cyber Threat Researcher (Remote) is sought to join and provide strategic leadership within Cyber Threat Intelligence (CTI). Responsibilities include intelligence analysis, threat research, delivering actionable briefs to technical and executive audiences, and guiding the growth of the threat hunting service. The role requires collaboration across teams to connect intelligence insights to detection and response actions and may involve mentoring threat hunters.
Responsibilities
- Discover, collect, analyze, and model cyber intrusion campaigns using internal security data, case investigations, and sourced intelligence.
- Research, produce, and deliver finished intelligence products and threat briefings to diverse audiences—including technical teams, business units, and senior executives—to inform tactical operations and strategic security planning.
- Develop and enhance capabilities for understanding adversary tools, tactics, and evolving infrastructure.
- Provide direct oversight, ownership, and continual maturation of the threat hunting service: develop methodologies, set execution standards, and mentor hunters; drive cross-functional and crowdsourced hunt initiatives; ensure intelligence-driven prioritization of hunt activities.
- Identify and recommend defensive improvements based on observations and insights from threat intelligence and hunt activities.
Qualifications
- Bachelor's Degree with 7 years of experience; Master's Degree with 6 years of experience; PhD with 2 years of experience. Experience in application program development. Work experience should be in cyber security disciplines.
- Strong background in cybersecurity, with significant time in cyber threat intelligence and experience in incident response, forensics, detection engineering, or CSIRT operations.
- 5+ years in roles such as Intrusion Detection, Incident Response, Cyber Threat Intelligence, or similar security disciplines.
- Strong familiarity with standard threat frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain) and hands-on experience analyzing adversary TTPs.
- Proficiency in creating detection content (e.g., SIEM correlation rules, Snort/YARA signatures) and deploying these assets with technical teams.
- Capability to conduct static and dynamic malware analysis and work with malware analysis tools.
- Scripting skills (e.g., Python, PowerShell) for automation, enrichment, and analysis.
- Experience analyzing event data from security controls and enterprise log management platforms, with the ability to identify data gaps.
- Exceptional written and verbal communication skills; ability to condense complex threat information into actionable briefs for strategic, operational, and tactical audiences, including executives.