Back to all jobs

Principal Threat Researcher

SecurityScorecard

Jul 15

About SecurityScorecard

SecurityScorecard is an industry-leading cybersecurity company backed by Google, Sequoia, and Riverwood. Our mission is to make the world a safer place. We measure your and your vendors' cyber-health by assigning a security rating of "A" through "F" based on outside-in, non-intrusive data. Our Comprehensive security ratings, advanced data analytics, and actionable insights discover Third-Party Vulnerabilities & Security Gaps In Real-Time.
Headquartered in NYC with over 270+ employees globally, raised over $110M USD, used by 1,000+ enterprise customers, and rating 1.6 million companies. We have created a new category of enterprise software, and our culture has helped us be recognized as one of the 10 hottest SaaS startups in NY for two years in a row.
Our vision is to create a new language for companies and their partners to communicate, understand, and improve each other’s security posture.

About the team

The Threat Intelligence team at SecurityScorecard drives both basic and applied security research that directly and indirectly contribute to the security posture of our customers. The team has several objectives, including tracking, investigating, and analyzing the latest advanced threats and campaigns affecting our customers and their vendors, the development and design of signals which can automatically highlight active threats to customers or intrusions, and advising both internal and external stakeholders up the C-level on their security risk posture as part of threat intel’s professional services.

The tight-knit SSC team brings together staff with a combination of skills ranging from fundamental cyber threat intelligence gathering, software engineering, vulnerability analysis, Internet measurement, malware research, digital forensics, machine learning and data analysis, and networking and operating systems fundamentals that all together lead to the sourcing of active threats and data that can better help SecurityScorecard's customers protect their assets, understand their vendors, and educate their staff.

This team works in tandem with other teams in Cyber Threat Research and Intelligence, as well teams outside, including Data Science, Attribution, Scoring, and Data Analytics and Engineering, as well as publishes and communicates research with the outside world through conferences, partnerships, and organizations like the Cyber Threat Alliance.

What you will do

In this role, we are looking for an established and experience threat hunter/threat researcher that is comfortable with ambiguity, has demonstrated expertise at the highest levels of the security community, and is self-driven and able to work in an environment where every day presents a new challenge.

The right candidate will be expect to lead and/or play a major role in the following activities:

  • Tracking active campaigns from major threat actors against public, private, and government entities
  • Maintaining expert knowledge of APT, ransomware, and major cybercrime TTPs
  • Writing and publishing reports and then sharing with the security research community through our partnerships
  • Teaching and training others in the company on the tactics and methods of tracking advanced threats
  • Providing threat context and integration support to multiple SecurityScorecard products
  • Analyzing technical data to extract attacker TTPs, identify unique attributes of malware, map attacker infrastructure, and pivot to related threat data
  • Identifying and hunting for emerging threat activity across all internal/external sources
  • Establishing standards, taxonomy, and processes for threat modeling and integration
  • Performing threat research and analysis during high-severity cyber-attacks impacting SecurityScorecard customers globally

Basic Qualifications 

  • Has a history of public industry(BlackHat, DEFCON, SchmooCon, VirusBulletin, etc.) or applied academic security publications (USENIX Security, CCS, NDSS, S&P, etc.) related to threat hunting of criminal and Advanced Persistent Threats
  • Has 7+ years of experience hunting threat actors (criminals or nation states), with specific technical experience (analysis of campaigns, malware involved, C2 servers, and CVEs exploited)
  • Analysis of campaigns and actors extends beyond data breaches and traditional attacks (e.g. DDoS, public leaked credentials to network access) to sophisticated, nation-state or cybercrime-driven campaigns
  • Fluent in at least one high-level programming language (Python, Ruby, JavaScript, etc.) and ability to use the experience to automate threat hunting and threat intelligence gathering activities

Preferred Experience:

  • Deep experience working at a major public or large private non-government security company known for threat intelligence and Ransomware/APT tracking
  • Additional experience in government in addition to industry working with U.S. intelligence and cyber security agencies as a threat hunter is welcomed

Additional Qualifications 

  • Excellent communication and presentation skills with the ability to present to technical and non-technical audiences
  • Exceptional written communication skills
  • Strong decision making skills with the ability to prioritize and execute
  • Ability to set and manage expectations with senior stake-holders and team members
  • Strong problem solving, troubleshooting, and analysis skills
  • Experience working in fast-paced, often chaotic environments during major incidents
  • Excellent inter-personal and teamwork skills

Benefits

We offer a competitive salary, stock options, a comprehensive benefits package, including health and dental insurance, unlimited PTO, parental leave, tuition reimbursements, and much more!

SecurityScorecard embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skillsets, ideas, and perspectives. We make hiring decisions based upon merit and do not discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.