SecurityScorecard is an industry-leading cybersecurity company backed by Google, Sequoia, & Riverwood. Our mission is to make the world a safer place. We measure your & your vendors' cyber-health by assigning a security rating of "A" through "F" based on outside-in, non-intrusive data. Our comprehensive security ratings, advanced data analytics, & actionable insights discover third-party vulnerabilities & security gaps in real time.
We are headquartered in NYC with 270+ employees globally, have raised over $110M USD, are used by 1,000+ enterprise customers, & rate 1.6 million companies. We have created a new category of enterprise software, & our culture has helped us be recognized as one of the 10 hottest SaaS startups in NY for two years in a row.
Our vision is to create a new language for companies & their partners to communicate, understand, & improve each other's security posture.
About the team
The Threat Intelligence team at SecurityScorecard drives both basic & applied security research that directly & indirectly contributes to the security posture of our customers. The team has several objectives, including tracking, investigating, & analyzing the latest advanced threats & campaigns affecting our customers & their vendors, developing & designing signals that can automatically highlight active threats to customers or intrusions, & advising both internal & external stakeholders up to the C-level on their security risk posture as part of threat intel's professional services.
The tight-knit SSC team brings together staff with a combination of skills ranging from fundamental cyber threat intelligence gathering, software engineering, vulnerability analysis, Internet measurement, malware research, digital forensics, machine learning & data analysis, & networking & operating systems fundamentals that all together lead to the sourcing of active threats & data that can better help SecurityScorecard's customers protect their assets, understand their vendors, & educate their staff.
This team works in tandem with other teams in Cyber Threat Research & Intelligence, as well as teams outside it, including Data Science, Attribution, Scoring, & Data Analytics & Engineering. It also publishes & communicates research with the outside world through conferences, partnerships, & organizations like the Cyber Threat Alliance.
What you will do
In this role, we are looking for an established & experienced threat hunter/threat researcher who is comfortable with ambiguity, has demonstrated expertise at the highest levels of the security community, & is self-driven & able to work in an environment where every day presents a new challenge.
The right candidate will be expected to lead and/or play a major role in the following activities:
- Tracking active campaigns from major threat actors against public, private, & government entities
- Maintaining expert knowledge of APT, ransomware, & major cybercrime TTPs
- Writing & publishing reports & then sharing with the security research community through our partnerships
- Teaching & training others in the company on the tactics & methods of tracking advanced threats
- Providing threat context & integration support to multiple SecurityScorecard products
- Analyzing technical data to extract attacker TTPs, identify unique attributes of malware, map attacker infrastructure, & pivot to related threat data
- Identifying & hunting for emerging threat activity across all internal/external sources
- Establishing standards, taxonomy, & processes for threat modeling & integration
- Performing threat research & analysis during high-severity cyber-attacks impacting SecurityScorecard customers globally
- Has a history of public industry (BlackHat, DEFCON, ShmooCon, VirusBulletin, etc.) or applied academic security publications (USENIX Security, CCS, NDSS, S&P, etc.) related to threat hunting of criminal & Advanced Persistent Threats
- Has 7+ years of experience hunting threat actors (criminals or nation states), with specific technical experience (analysis of campaigns, malware involved, C2 servers, & CVEs exploited)
- Analysis of campaigns & actors extends beyond data breaches & traditional attacks (e.g. DDoS, publicly leaked credentials to network access) to sophisticated, nation-state or cybercrime-driven campaigns
- Deep experience working at a major public or large private non-government security company known for threat intelligence & Ransomware/APT tracking
- Government experience, in addition to industry experience, working with U.S. intelligence & cyber security agencies as a threat hunter is welcomed
- Excellent communication & presentation skills with the ability to present to technical & non-technical audiences
- Exceptional written communication skills
- Strong decision-making skills with the ability to prioritize & execute
- Ability to set & manage expectations with senior stakeholders & team members
- Strong problem-solving, troubleshooting, & analysis skills
- Experience working in fast-paced, often chaotic environments during major incidents
- Excellent interpersonal & teamwork skills
We offer a competitive salary, stock options, a comprehensive benefits package, including health & dental insurance, unlimited PTO, parental leave, tuition reimbursements, & much more!
SecurityScorecard embraces diversity. We believe that our team is strengthened through hiring & retaining employees with diverse backgrounds, skillsets, ideas, & perspectives. We make hiring decisions based upon merit & do not discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.