About The Position

Socket is looking for a Threat Analyst to join our growing security team. In this role, you’ll tackle cutting-edge threats in the software supply chain, leveraging our proprietary AI-based scanner and building tools to enhance malware analysis. You’ll secure open source ecosystems, strengthen threat detection across multiple programming languages, and conduct research that helps protect developers and organizations worldwide. This is a hands-on role for someone passionate about threat hunting, automation, and turning insights into actionable defenses.

Requirements

  • 2+ years of work experience in a related field or a Bachelor’s Degree in Computer Science, Computer Engineering, Cyber Security, etc.
  • Experience generating indicators of compromise (IoCs) and conducting threat hunting using signatures.
  • Excellent communication skills and the ability to assess the relevance and impact of threats.
  • Experience building tools for automation, data collection, and threat hunting.
  • Passion for open-source and code.

Nice To Haves

  • Familiarity with TypeScript/JavaScript
  • Experience leveraging LLMs or AI-based tools for threat detection

Responsibilities

  • Analyze over 100 unique threats daily, maintaining a standard of quality that sets the industry benchmark for supply chain security.
  • Author high-impact technical blog posts on malicious packages and publish 2-3 deep-dive research pieces on threat actor profiles, novel attack vectors, and ecosystem-wide trends.
  • Design and build automated scripts and tools to streamline malware analysis, enhancing our data collection, threat summarization, and hunting workflows.
  • Partner with our engineering team to integrate your research into our core product, turning manual insights into scalable, real-time protection.
  • Leverage deep expertise in untapped ecosystems to enhance security across NuGet and browser extensions (Chrome/VS Code), and proactively monitor GitHub/GitLab for emerging malicious campaigns.
  • Represent Socket in the broader security community by uncovering and documenting the tactics of sophisticated threat actors.