Staff Threat Researcher and Intelligence Engineer

About The Position

Requirements

• 7+ years of experience in threat intelligence research, including advanced collection and analysis methodologies, threat actor profiling, and MITRE ATT&CK techniques.
• 7+ years of experience in SIEM, SOAR, and EDR tools, both open source and commercial.
• 6+ years of experience in scripting and programming languages (e.g., Python, PowerShell, Go) for automating threat intelligence workflows and building research tools.
• 5+ years of experience architecting and coding threat intelligence platforms and research environments.
• 5+ years of experience in engineering solutions for large-scale data analysis, including security logs, product telemetry, and open-source intelligence.
• 3+ years of experience in producing and presenting high-impact threat research reports and technical briefings to diverse audiences.

Nice To Haves

• Experience leading the development and automation of threat intelligence and research platforms at scale.
• Subject matter expertise in retail and healthcare threat intelligence, with a focus on coding and research innovation.
• Advanced experience in dark net intelligence collection, threat actor research, and prototype development for new detection capabilities.
• Demonstrated ability to produce and present high-impact threat research reports and technical briefings to diverse audiences.
• Deep familiarity with SIEM, SOAR, and EDR tools, both open source and commercial.
• Proficiency in applying machine learning techniques to threat research, including experience with model development, feature engineering, and deployment for security analytics and anomaly detection.

Responsibilities

• Lead the design and development of advanced threat research platforms and prototypes, focusing on automation and scalable intelligence workflows.
• Architect and code solutions for collecting, processing, and analyzing diverse threat data sources, including telemetry, commercial feeds, and OSINT.
• Conduct in-depth research on emerging threat actors, tactics, techniques, and procedures (TTPs), including dark net intelligence gathering, and produce actionable reports for stakeholders.
• Engineer and automate the intelligence cycle, continuously improving processes for detection, alerting, and incident enrichment using SIEM, SOAR, and EDR technologies.
• Mentor and guide team members in advanced coding practices, threat research methodologies, and engineering best practices.
• Develop and present technical briefings, research papers, and position documents to executive leadership and external partners.

Benefits

• Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.