Senior Staff Threat Intelligence Researcher

What you’ll do:

• Independently identify, analyze and track advanced nation state and financially motivated threat actors and their tactics, techniques, and procedures (TTPs).
• Drive development of strategies to hunt mobile threats targeting enterprises and individuals.
• Reverse-engineer and analyze capabilities of mobile malware.
• Investigate adversary command-and-control and phishing infrastructure.
• Conduct independent research and report findings to Threat Intelligence customers.
• Mine internal and external data sources to identify new campaigns, malware families, and malicious actors.
• Devise and implement new detection logic and develop innovative and efficient ways to expand and finetune coverage.
• Prepare and deliver public media reports and present findings at conferences and customer events.
• Serve as a key technical leader for customer, prospect, and partner engagement activities.

What we’re looking for:

• Experience in threat hunting across multiple datasets, security tools such as VirusTotal, Validin, and Shodan and leveraging big data technologies (e.g., Lucene, ElasticSearch, AWS Athena).
• Experience in reverse engineering software (mobile app reversing preferred).
• Ability to articulate technical findings both in written reports and presentations.
• Experience using some of the following tools: JEB, IDA Pro, Ghidra, Hopper, Frida, Wireshark, DirBuster.
• Ability to read code in Java and C; ARM Assembly, ObjectiveC and Swift is a bonus.
• Experience in conducting OSINT investigations.
• Ability to create research tools in Python.
• Experience with threat intelligence file types, tools and terminology such as MITRE ATT&CK, STIX, YARA, MISP, OpenCTI and the Intelligence Cycle.
• Interest in geopolitical dynamics and the ability to apply that context to inform intelligence analysis and threat hunting activities.
• Curiosity and a strong drive to understand how both state and criminal actors operate.