RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.
We are looking for a Senior Solutions Architect, i3 Manager to join our team.
The Incident Investigations and Intelligence (i3) Program within RiskIQ oversees managed intelligence services of the External Threats Product workspaces as well as the Executive Guardian product workspaces for clients. Executive Guardian is designed to protect C-Suite and high-net-worth individuals from physical threats, exposures of Personally Identifiable Information (PII), and instances of social media account impersonation thereby safeguarding the individual, their reputation, family, and by extension, the company. External Threats protects clients from phishing attacks, domain infringement, mobile app fraud, social and brand impersonation, and data leakage. The i3 Team also delivers RiskIQ professional services – typically bundled with ET or EG workspaces – to create a holistic threat monitoring, identification, and mitigation capability known as the Threat Desk.
The Senior Solution Architect, i3 Manager (SSA) will report to RiskIQ’s Worldwide Solution Architect leader and is responsible for overseeing and managing i3 client relationships to ensure seamless delivery of intelligence analysis around the Threat Desk offering, as well as professional services to i3 clients who subscribe to Advanced Investigations or Analyst-on-Demand services. The (SSA) collaborates on a daily basis with i3 analytic professionals tasked with building and maintaining complex technical logic to identify leaked personal information, digital and kinetic threats, and social media impersonations for high-net-worth individuals. Additionally, the i3 team analyzes instances of phishing and impersonation of domain, social media and brand as well as data leaks. The i3 SSA acts as the interface between RiskIQ strategic clients and the i3 Team to manage i3’s response to client workspace threat events and leads investigations, with the end result the delivery of finished intelligence to the client, along with mitigative steps to protect the client’s brand, intellectual property, or sensitive data. The SSA also oversees and participates in the production and dissemination of time-sensitive threat analysis relevant to the safety and security of clients, their assets and operations. The SSA is analytically proficient and is able to lead investigations, yet also work with the team as a strong individual contributor when needed. The SSA must be proactive, consultative, and business-minded, using both available open source and proprietary data sets to develop analytic and innovative solutions in response to client needs and to attribute virtual threat actors to their actions as threats arise. This role is highly client facing yet offers the opportunity to tap into i3’s sizable analytic team for support, with an opportunity for growth within RiskIQ.
Represent RiskIQ into our Strategic Account Clients (post-sales) who subscribe to i3 products and services for Executive Guardian and Managed Intelligence Services as well as Advanced Investigations, Analyst-on-Demand, and Tailored Intelligence
- Project Manage the relationship between the client and the i3 Threat Desk resources, ensuring that Requests for Information (RFIs) are handled in accordance with SLAs and in line with i3 standards for excellence
- Lead i3 Investigations which stem from client RFIs on events including data breaches, threat attribution, InfoSec incident response and loss of intellectual property/insider threat, and escalated suppression of leaked PII and/or impersonations of social media accounts for covered individuals
- Review client workspaces and appropriately escalate detections based on the urgency of the discovered threat
- Assist in the production of threat analysis for dissemination to consumers on the safety and security of clients, assets and operations, including impact assessment and mitigation recommendations
- Include solution-oriented recommendations in all analyses, as appropriate
- Identify opportunities to predict and prevent future security issues and/or incidents
- Collaborate with client security teams to constantly improve analytic standards, workflows, and success metrics and develop/improve analytic products as appropriate
- Collaborate with RiskIQ Legal and Engineering teams to ensure appropriate mitigation of identified risks within the platform
- Lead, participate in, or support i3 Intelligence and Investigation activities as needs arise
- Maintain on-call posture to support client needs in response to platform threat detection
- Regularly visit and communicate with clients, collect intelligence requirements, develop collection plans and track metrics around deliverables
- Partner with RiskIQ Solutions Architects and Sales Team to deliver quarterly business reviews
- Bachelor's degree required; Master’s desirable
- Minimum of 7+ years’ experience running counterintelligence investigations, HUMINT intelligence collection operations in the US Intelligence Community, corporate threat attribution investigations and/or incident response; Field Tradecraft Certification (FTC) as a Core Collector highly desirable
- Experience working directly with intelligence analysts and targeters; direct management and coordination of intelligence resources highly preferred
- Technical proficiency with open source research tools and techniques
- Strong written and oral communication skills
- Experience initiating and conducting complex investigative analysis, and communicating findings to consumers
- Background in cyberthreat analysis required; background in counterterrorism, counterproliferation or counter-narcotic analysis preferred
- Strong interpersonal skills
- Ability to interpret raw intelligence and brief findings to customers
- Proven ability to transfer raw intelligence into a finished product using all-source intelligence and threat mitigation techniques centered around industry best practices
- Ability to work independently and also as part of a team
- Approximately 10-30% global travel may be required
- English Language fluency required; additional languages highly desirable
- Ability to obtain a US Security Clearance – TS compartmented or higher
Why work at RiskIQ?
- Fascinating work - Welcome to the dark underbelly of the Internet. RiskIQ’s ability to help organizations map and monitor their attack surface, detect internet-scale threats, and investigate adversaries led to skyrocketing adoption by security teams around the world. It is the golden age of internet crime, and we are at the forefront of defensive efforts to stem the tide. Internet security is a global growth industry, and the knowledge you acquire here will be a marketable skill for decades to come.
- We’re a company on the forefront of a burgeoning industry - RiskIQ experienced explosive growth in 2018, including a 362.5 percent increase in net new product sales due to the steady adoption of attack surface management across the world. We also experienced a 365 percent increase in registration for RiskIQ community, our freemium entry-level product, showing the increasing role of security outside the firewall to the growth of businesses.
- Top Leadership - Our CEO is a renowned cybersecurity veteran known for his expertise. Our leadership group is poised and experienced with a track record in technology and cybersecurity.
- Unbounded opportunity - We’re growing! At RiskIQ, you’ll be provided with as much responsibility as you can handle—new career development opportunities constantly arise given our rate of growth.
- Flexibility - You’ll have a large workload, but also the freedom to accomplish it on your own terms.