Are you interested in joining a rapidly growing global organization in the cyber industry? With over 550 employees, $140M ARR, and 1,000 clients, Recorded Future is the largest privately-held security intelligence company! Our intelligence integrates with over 80 security products from industry-leading companies, such as Splunk, ServiceNow, Microsoft, IBM, and AWS. Come jump on the rocket ship and help us protect businesses by disrupting adversaries!
This Role: As a technical threat researcher for our Insikt (Research) Group, you’ll work alongside our highly skilled team members and provide assistance researching cybercriminal and APT activities. Day-to-day responsibilities will include research leads-generation, analysis of malicious tools, infrastructure profiling, and writing high-quality intelligence assessments.
What you’ll do:
- Develop tools and methods to identify both commodity and custom malware, as well as track and discover new threats
- Support other threat intelligence analysts to analyze malware associated with APTs and cybercriminal threat actors to develop leads and insights into actor infrastructure, tooling, and targeting
- Perform network analysis of malicious infrastructure
- Develop network and host-based detection rules such as SNORT, YARA, and Sigma to detect APT or cybercriminal campaigns in line with Insikt research goals.
- Respond to client requests for written reports regarding their high priority issues
What you’ll bring (required):
- BA/BS degree or equivalent experience in Computer Science, Information Security, or a related field
- Knowledge of networking protocols, including TCP/IP
- Experience writing YARA, SNORT, and/or Sigma rules
- Scripting experience in Python, Go, Powershell, or Bash
- Experience in static and dynamic malware analysis of desktop and/or mobile malware
- Excellent written and verbal communication skills, ability to convey complex technical and non-technical concepts
Additional Skills/Experience (preferred but not required):
- Knowledge of Windows operating system internals and the Windows API
- Experience programming in C, C++, or Java
- Experience in the deobfuscation of malware, analysis of packers, malware decryption techniques
- Experience working and communicating directly with clients
- Multiple spoken languages are a plus
- MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field
Why should you join Recorded Future?
From over 35 nationalities, our Futurists are the perfect recipe of humility, accountability, and collaborative attitudes. Our dedication to empowering clients with elite intelligence to disrupt adversaries has earned us a 4.7-star user rating from Gartner and 8 of the top 10 Fortune 100 companies as clients.
Want more info?
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles. By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.
If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at email@example.com
Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.
Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.