Cyber Threat Researcher
Location: United States
Job Description
About UltraViolet Cyber: UltraViolet Cyber is an elite, platform-enabled unified security operations enterprise redefining global corporate defense through an advanced security-as-code engineering architecture. Founded and directed by veteran practitioners, our system eliminates traditional red-team and blue-team communication silos to provide real-time managed detection and response (MDR) layers. We secure high-stakes infrastructure spanning the Fortune 500, Federal Government agencies, and major commercial ecosystems globally from offices in McLean, Virginia, and across international hubs.
Position Overview
We are seeking a highly technical Cyber Threat Researcher (Level II) to join our Threat Intelligence & Detection Engineering (TIDE) squad. In this critical defensive engineering track, you will take ownership of proactive, hypothesis-driven threat hunting loops across multi-tenant customer environments. Moving far beyond static log observation, you will architect behavioral detection rules from scratch, analyze adversarial tactics, techniques, and procedures (TTPs), and translate raw intelligence into functional detections. This role bridges deep engineering execution with advisory communication, requiring regular engagement with client executives to explain detection metrics and fortify their security postures.
Key Responsibilities
- Detection Architecture Engineering: Design, build, and deploy custom behavior-based and threshold-based detection rules from scratch to deliver high-signal alerting across customer networks.
- Hypothesis-Driven Threat Hunting: Formulate, execute, and document proactive threat hunts across complex security logs and data streams to expose hidden adversarial footprints.
- Rule Tuning & Noise Reduction: Audit and optimize existing telemetry logic independently, minimizing false-positive noise while maintaining rigorous defensive boundaries.
- Adversarial TTP Tracking: Research emerging malware strains and actor vectors, mapping behavioral patterns systematically against the MITRE ATT&CK framework.
- Cross-Functional Incident Response: Partner directly alongside Security Operations Center (SOC) units and Incident Response teams to isolate, contain, and remediate active network compromises.
- Technical Mentorship & Advisory: Deliver actionable feedback and structural training to junior threat hunters while presenting complex cyber threat landscape analysis to corporate client executives.
Required Skills & Qualifications
- 4+ years of verified professional history in cybersecurity infrastructure, with a dedicated specialization of at least 1 year in threat hunting, security operations, or detection engineering.
- Demonstrated capability building, testing, and debugging alert logic within enterprise SIEM and EDR/XDR platforms.
- Strong backend automation and analysis engineering skills utilizing scripting systems like Python or PowerShell.
- Comprehensive operational command of adversarial tactics, techniques, and procedures modeled within the MITRE ATT&CK taxonomy matrix.
- Proven track record of working in customer environments, writing technical threat assessment briefings, and presenting data trends to senior stakeholders.
- Legal Requirement: Due to federal contract management parameters, valid United States Citizenship is mandatory.
- Location Context: 100% remote-first operational framework open to qualified threat researchers permanently residing within the United States.
Preferred Strategic Indicators (Nice to Have)
- Hands-on experience deploying and fine-tuning custom behavioral alert frameworks inside SentinelOne, Elastic, or CrowdStrike software nodes.
- Prior experience directly supporting or operating within a dedicated Cyber Threat Intelligence (CTI) team structure.
- Industry-standard professional security certifications, such as GIAC Threat Hunting (GCTH), Certified Enterprise Defender (GCED), or Certified Intrusion Analyst (GCIA).
What We Offer
- Targeted Salary Range: $90,000 – $120,000 USD per annum (Calibrated objectively based on technical qualifications, certifications depth, and regional market coordinates).
- Comprehensive medical, dental, and vision insurance plans, available from the month following your start date.
- Corporate 401(k) retirement structure with a 100% company match on the first 3% contributed and a 50% match on the next 2%.
- Full coverage plans for Group Term Life, Short-Term Disability, and Long-Term Disability insurances.
- Immediate eligibility for our Discretionary Time Off (DTO) program, paired with 11 paid company holidays annually.