Head of Threat Research
United States
Job Description
About Netcraft: Netcraft is the global leader in cybercrime detection, threat disruption, and automated takedown operations. Trusted by many of the world’s largest enterprise entities and global governments, we have blocked nearly 200 million cyber-attacks to date and systematically neutralize roughly 33% of global phishing campaigns. Our mission centers on protecting the world from sophisticated cybercrime through data-driven telemetry and high-fidelity operational response layers.
Role Summary
We are seeking a strategic and highly technical Head of Threat Research to lead our newly established capability within the expanding Product Strategy and Emerging Threats division. In this senior role, you will govern a team of dedicated threat analysts and own the technical content publication pipeline using Netcraft’s unique first-party datasets—spanning global malicious URL/domain telemetry and a takedown corpus tracking over 20 years of phishing, malware, and brand impersonation footprints. This position balances hands-on investigative research with global industry presentations and media engagement blocks.
Key Responsibilities
- Content Leadership & Representation: Define editorial direction and quality baselines for technical whitepapers, deep-dive customer briefs, and threat intelligence blog posts. Act as a prominent public speaker at keynotes, security conferences, and media channels.
- Advanced Threat Analysis: Investigate phishing mechanics, malicious JavaScript injections, social engineering networks, and malware delivery infrastructure using proprietary tracking telemetry and open-source intelligence (OSINT).
- Campaign Attribution: Dissect and attribute complex cybercrime architectures, infrastructure vectors, and TTPs to named threat actor groups and global illicit networks over time.
- Cross-Functional Detection Sync: Partner closely with core Engineering and Operations squads to transform analytical research insights into live platform detection rules, updated IOC feeds, and accelerated automated takedown signals.
- Framework Mapping Support: Direct technical client interactions by mapping critical campaign discoveries directly to standard security frameworks including MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain.
- Team Mentorship: Direct, scale, and provide technical peer reviews for a small group of threat intelligence professionals to maintain absolute accuracy prior to external publication.
Required Skills & Qualifications
- Several years of verified experience in threat intelligence operations, with a track record of leading, managing, or mentoring specialized security analysis units.
- Demonstrated history of published cybersecurity research (whitepapers, technical blogs, vulnerability analysis, or independent security conference presentations).
- Deep technical understanding of phishing execution, malware vectors, proxy infrastructures, online fraud mechanisms, and advanced threat actor TTPs.
- Current, active working knowledge of core web technologies, fundamental internet infrastructure parameters (DNS records, routing protocols, autonomous systems), and structured data analysis techniques.
- Strong editorial judgment with professional experience proofing, structuring, and upgrading technical research papers for quality and clarity.
- Excellent communication mechanics to present intricate cybercrime metrics comfortably to both deep-level technical teams and C-suite/government executives.
- Location Context: 100% remote working flexibility open to qualified subject matter experts located anywhere within the United States, with willingness for occasional travel.
Benefits & Total Rewards
- Competitive annualized salary plus access to unique Equity Tracking Units to share in Netcraft’s long-term enterprise scale.
- 33 days of annual vacation allowance (including national holidays, with flexibility to work if personally preferred).
- Generous enhanced family leave packages and tenured parental pay frameworks.
- Enhanced company-supported sick pay allocations.
- 401(k) Safe Harbor retirement savings plan containing direct employer matching scales.
- Comprehensive private health coverage plans including medical, dental, vision, and group life insurance structures.
- Two (2) paid Learning & Development days per calendar year with access to Udemy and Coursera platforms.
- Two (2) paid corporate Volunteering Days to support community involvement.
- Spot reward bonus eligibility schemes recognizing outstanding individual engineering contributions.