SecurityScorecard - Threat Researcher
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• 3-6 years of hands-on threat intelligence experience at a commercial vendor, financial institution, or intelligence-community organization with commercial output requirements. You have produced finished intelligence that went to paying customers or external audiences. • Proven written output: you have published research, written reports, or produced briefings that non-technical readers could act on. Work samples are required. • Software engineering baseline: you write Python as a standard part of your research workflow for automation, data collection, API querying, and pipeline building. You also deploy AI and LLM tooling as a daily force multiplier, not a novelty. • Proactive hunter mentality: you identify signals before they surface publicly. You have a process, not just a reactive monitoring habit. • Clear communication and synthesis: you write with precision and brevity. A 300-word brief for a CMO is as important as a 10-page whitepaper for a CISO. • Customer-facing capability: you can present research at an event, get on a webinar, and hold a room. Practitioner credibility is your advantage. • Bachelor's degree in Cybersecurity, Computer Science, Journalism, Political Science, or equivalent. Demonstrated output accepted in lieu of formal degree. • Background from a pure-play commercial TI vendor: Flashpoint, Recorded Future, Mandiant, CrowdStrike, Palo Alto Unit 42, Proofpoint, ZeroFox, Intel 471, Cybersixgill. • Financial services threat intelligence background: JPMorgan, Citigroup, Goldman Sachs, or equivalent TI teams where output is commercially oriented. • Published research, CVEs, conference presentations (Black Hat, DEF CON, RSA), or a recognized GitHub or blog presence. • Experience with DriftNet, Shodan, VirusTotal Intelligence, MISP, or comparable data platforms. • Detection engineering: YARA, Sigma, or Snort signature development. The ability to operationalize a research finding into a detection is a meaningful differentiator. • Familiarity with large-scale data pipelines or streaming platforms (Kafka, Splunk, or equivalent). SSC runs significant data infrastructure and understanding how signals flow through it matters. • Prior experience producing content that supported marketing, demand generation, or customer-facing commercial goals. • Benefits:Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more!
Responsibilities
• Produce finished threat intelligence: monthly and quarterly research reports, blog posts, and executive briefings that translate complex technical findings into content that non-technical buyers can act on. • Hunt threats proactively: track adversary TTPs, monitor dark web and underground forums, map infrastructure, and identify signals before they become public. Gilad's team produces the major quarterly deep reports; you support the higher-cadence monthly output. • Deploy AI-assisted workflows: use LLMs and automation tooling to accelerate your research pipeline, improve synthesis quality, and increase output velocity. This is a core expectation, not a bonus. • Write automation code: build Python scripts and pipelines for data collection, API querying, signal extraction, and detection logic. Your code is part of what you ship, not a side task. • Leverage data extraction tools to pull intelligence from SSC's proprietary data platform, producing insights that marketing can self-serve on and that inform customer-facing content. • Present and evangelize: get on webinars, show up at customer events, and explain what the data means to a CISO, an insurance buyer, or a CFO. Your credibility as a practitioner is the draw. • Collaborate with marketing team to align research output with content calendar, customer event needs, and demand generation goals. • Contribute to SSC's published research presence: blog posts, reports, and media briefings that build brand and drive inbound pipeline.
Benefits
• Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more! • SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law. • We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact [email protected]. • Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. • SecurityScorecard does not accept unsolicited resumes from employment agencies. Please note that we do not provide immigration sponsorship for this position. #LI-DNI
No credit card. Takes 10 seconds.