CrawlJobs Logo

Threat Intelligence Research Engineer

threatlocker.com Logo

ThreatLocker

Location Icon

Location:
United States , Orlando

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We’re looking for a Threat Intelligence Research Engineer who can bridge two worlds: deep cybersecurity expertise and clear, authoritative communication. In this role, you will analyze real-world threats, uncover emerging attacker behaviors, and translate complex technical findings into high-impact reports, briefs, and articles that educate and empower cybersecurity professionals. You will work at the intersection of engineering, research, and brand thought leadership, turning raw intelligence into content that drives awareness, supports our product narrative, and strengthens our authority within the cybersecurity community.

Job Responsibility:

  • Monitor, analyze, and report on emerging threats, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and global threat trends
  • Investigate vulnerabilities, misconfigurations, malware behavior, ransomware campaigns, and exploit chains
  • Conduct independent research on threat actors, intrusion patterns, and security gaps relevant to our customer base
  • Collaborate with internal engineering, SOC, and threat teams to access proprietary intelligence and validate findings
  • Produce clear, defensible, and high-accuracy analysis based on data and technical evidence
  • Transform threat research into high-quality reports, whitepapers, blogs, briefs, advisories, and thought-leadership content
  • Write in a way that resonates with cybersecurity professionals, executives, and IT leaders
  • Contribute to articles under the names of internal subject matter experts (SMEs) to elevate their voices and strengthen company authority
  • Develop clear visuals, diagrams, and technical explanations to support complex research
  • Ensure all content is technically rigorous, original, and aligned with our Zero Trust security philosophy
  • Work with the SVP of Brand Marketing to shape the company’s editorial direction on threat intelligence topics
  • Support media, PR, and analyst engagements with accurate intelligence and expert insights
  • Participate in webinars, research discussions, and cross-team reviews to maintain accuracy and consistency
  • Help position the company as a trusted voice in cybersecurity through data-driven storytelling

Requirements:

  • 5+ years in cybersecurity research, threat intelligence, security engineering, SOC analysis, or malware analysis
  • Strong knowledge of attacker TTPs, MITRE ATT&CK, malware behavior, incident response, and threat hunting workflows
  • Hands-on familiarity with tools such as SIEMs, sandboxes, EDR platforms, packet analyzers, and OSINT frameworks
  • Ability to read logs, investigate incidents, and interpret technical artifacts
  • Proven experience writing technical reports, threat advisories, security research, or cybersecurity analysis
  • Ability to translate complex material into clear, concise content without losing technical accuracy
  • Strong editorial judgment and an understanding of narrative clarity and structure
  • Deep curiosity and a research-driven mindset
  • Commitment to accuracy, integrity, and evidence-backed analysis
  • Ability to juggle multiple research topics while meeting publishing deadlines
  • A collaborative mindset and willingness to work across engineering, security, and marketing teams

Additional Information:

Job Posted:
December 13, 2025

Work Type:
On-site work
Icon
ThreatLocker - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Threat Intelligence Research Engineer

Threat Intelligence Analyst

As a Threat Analyst at UpGuard, you will be an integral member of our Threat Sca...
Location
Location
United States , Chicago
Salary
Salary:
120000.00 USD / Year
https://www.upguard.com Logo
UpGuard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Expertise in Open Source Intelligence: Strong understanding of OSINT methodologies with a focus on the open, deep, and dark web
  • Understanding of Software Development: Solid grasp of software development processes to deconstruct and interpret vulnerability disclosures effectively
  • Cross-Team Collaboration: Excellent communication skills to work with the Customer Success & Support teams, explaining capabilities and resolving customer issues
  • Independence and Initiative: A self-starter attitude with the ability to take ownership of tasks and drive them to completion independently or collaboratively
  • Technical Skills in Scripting: Proficiency in scripting languages such as Python, with the ability to learn and adapt to new programming languages as needed
Job Responsibility
Job Responsibility
  • Analyze Data Leaks: Process and assess incoming data feeds to identify whether customers have been impacted by data leaks
  • Contribute to Threat Intelligence Feeds: Enhance UpGuard’s proprietary threat intelligence feeds by researching and integrating new findings
  • Develop Vulnerability Detections: Build new product and vulnerability detections by reverse-engineering applications, analyzing vulnerability disclosures, and creating robust detection methodologies
  • Conduct Open Source Intelligence (OSINT) and Security Research: Focus heavily on identifying, analyzing, and interpreting open-source intelligence across the open, deep, and dark web to identify risks and vulnerabilities
What we offer
What we offer
  • Monthly Lifestyle subsidy: use this for financial, physical, and mental wellbeing
  • WFH set-up allowance: to ensure you have the right environment to work in, we will help you get set up within your first 3 months at UpGuard
  • $1,500 USD annual Learning & Development allowance: to support your career development all team members will be able to expense development opportunities against this allowance
  • Generous Annual Leave/PTO allowances: time to recharge your batteries
  • 18 weeks paid Parental Leave: irrespective of parenting role
  • Personal Leave allowance: this includes sick & carer’s leave
  • Fully remote working environment: while we have physical offices in Sydney & Hobart, we do not mandate compulsory attendance
  • Top-spec hardware: all team members will be provided with top-spec laptops for their roles
  • Personal device security & online privacy protection subsidy: UpGuard provides team members with a paid subscription to personal device security & online privacy protection platform
  • Generative AI subsidy: UpGuard provides paid subscriptions for all team members to access generative AI tools to support their work
  • Fulltime
Read More
Arrow Right

Senior Product Manager – Threat Detection

As a Product Manager – Threat Detection, you will be responsible for driving the...
Location
Location
United States
Salary
Salary:
182000.00 - 219000.00 USD / Year
https://corelight.com/ Logo
Corelight
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years in a technical support, engineering, or security research role
  • 3+ years in networking in a product or practitioner role
  • 5+ years overall experience in cybersecurity, with a focus on network security and threat detection
  • Strong understanding of network protocols, network security principles, and intrusion detection methodologies
  • Experience with Zeek (Bro) and its applications within NDR and security operations
  • Experience with network forensics, packet analysis, and network-based anomaly detection
  • Strong analytical skills, with the ability to interpret and apply threat intelligence and attack frameworks (e.g., MITRE ATT&CK)
  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience
Job Responsibility
Job Responsibility
  • Develop and maintain a cutting edge detection engineering program via collaboration with Corelight Labs Research
  • Execute the product strategy for Corelight’s threat detection capabilities
  • Research adversary tactics, emerging network threats, and novel detection methodologies to improve the effectiveness of Corelight’s NDR solutions
  • Work closely with threat researchers, SOC analysts, and detection engineers to develop high-fidelity detection logic and optimize network threat intelligence
  • Analyze network protocols and traffic patterns to identify new ways to extract valuable security-relevant insights
  • Collaborate with engineering, UX, and security research teams to develop new features and improve the usability of Corelight’s threat detection tools
  • Contribute to open-source security initiatives, representing Corelight in the broader security community and helping drive innovation
  • Act as a technical liaison between customers, security teams, and internal stakeholders to ensure Corelight remains the gold standard for network evidence collection
  • Define, prioritize, and refine product requirements for threat detection capabilities, integrations, and intelligence applications
  • Develop detection content, documentation, and best practices for leveraging Corelight’s platform in threat hunting and incident response workflows
What we offer
What we offer
  • Equity
  • Additional benefits
  • Collaborative, inclusive, and growth-oriented culture
  • AI-assisted workflows
  • Machine learning models
  • Cloud security and SaaS-based solutions
  • Geographically distributed yet connected employee base
  • Fulltime
Read More
Arrow Right

Senior Engineer, Detection R&D

This role is responsible for enhancing detection coverage and methodology throug...
Location
Location
United States , Bethesda
Salary
Salary:
100400.00 - 166800.00 USD / Year
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
February 04, 2026
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • or equivalent experience and certifications
  • 6+ years of combined experience in detection engineering, red/purple teaming, security analytics, vulnerability management or cyber threat detection roles
  • 3+ years working with Splunk SIEM (Enterprise Security), CrowdStrike NG-SIEM, or developing UEBA/behavior-based threat detections
  • Hands-on experience with EDR tools such as CrowdStrike Falcon, MS Defender, Sentinel One, etc., and pen testing/vulnerability assessments
  • Proven ability to develop advanced detection content including correlation rules, behavioral analytics, and threat hunting queries
Job Responsibility
Job Responsibility
  • Provide mentorship for junior engineers and Detection Engineering resources
  • Conduct cyber threat detection methodology research aligned with cyber threat detection coverage gaps, threat modeling, and threat intelligence
  • Partner with CTI Team, Detection Engineering, Security Engineering and Security Architecture to develop behavior-based detections leveraging AI/ML and other methods
  • Develop prototype correlation searches, dashboards, reports and alerts within the SIEM, UEBA and Security Data Lake platforms
  • Share detection approaches, recommendations, developed analytics, and other products of detection research with CTI Teams, Detection Engineering and other teams as appropriate to inform detection development
  • Facilitate cross-team collaboration sessions to ideate and review detection use cases and detection methodologies
  • Document and share detection approaches for TTPs, threat models, and monitoring strategies using standard templates and methodologies
  • Collaborate with CTI Team, Detection Engineering, Security Architecture and Engineering teams to ensure detection coverage aligns with cybersecurity risks and business priorities
  • Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • Attend SCRUM and prioritization meetings to review and update deliverables
What we offer
What we offer
  • 401(k) plan
  • stock purchase plan
  • discounts at Marriott properties
  • commuter benefits
  • employee assistance plan
  • childcare discounts
  • medical coverage
  • dental coverage
  • vision coverage
  • health care flexible spending account
  • Fulltime
!
Read More
Arrow Right

Security and Application Security Engineer

Beacon Technologies is seeking a Security and Application Security Engineer. The...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
beacontechinc.com Logo
Beacon Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of five years of Information Security experience with at least two years of application-level security
  • Strong communication skills: ability to convey and document security guidelines, requirements, and coding best practices
  • Familiarity with Security Best Practices in common coding languages
  • Application Penetration Testing / API Security Testing
  • Software Development Life Cycle Design and Implementation
  • Static and Dynamic Application Testing Tools and Methods
  • Container and orchestration security (Kubernetes, Docker, Octopus, GitHub, etc.)
  • Familiarity with Application Security Testing Frameworks such as OWASP
  • Strong logical and analytical thinker
  • exceptional skills in security systems solutions
Job Responsibility
Job Responsibility
  • Operate as a liaison between the Security Team and the Development Teams
  • Preserve PCI and SOX Security Certification programs with a primary focus on ensuring compliance with the appropriate industry standards and security controls
  • Supporting incident response and architecture review whenever applications security expertise is needed
  • Integrating threat modeling practices into the SDLC
  • Work with other staff to perform periodic scans and evaluation of system security including areas such as patch management, penetration testing, vulnerability assessments, and other types of InfoSec-related tasks
  • Assist in identifying and communicating security exposures, information security incidents or non-compliance situations to IT management or the CISO as appropriate. Duties may also include collecting and documenting cyber security and incident response event data as necessary.
What we offer
What we offer
  • Career advancement opportunities
  • extensive training
  • excellent benefits including paying for health and dental premiums for salaried employees.
  • Fulltime
Read More
Arrow Right

Chief Cybersecurity Solutions Officer

Loginsoft is a renowned provider of cybersecurity engineering services, speciali...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
loginsoft.com Logo
Loginsoft
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10-15 years in technology solutions and engineering services, with 7-10 years in delivering effective cybersecurity solutions
  • Strong background in solution development, user research, and agile environments
  • Deep industry knowledge essential for strategic vision and planning
  • Proficient in impactful presentations, deal negotiation, and building client relationships
  • Effective representation of customer and end-user voices
  • Strong in developing simplified marketing content
  • Demonstrate leadership to effectively lead cross-functional teams, drive collaboration, and foster cross-functional teamwork, communication, and effective leadership
  • Demonstrate deal-closing expertise and stakeholder collaboration
  • Showcase familiarity with emerging cybersecurity tech for a visionary roadmap
  • Possess strategic thinking, entrepreneurial spirit, and strong understanding of the cybersecurity marketplace, including buyer and end-user priorities, with research, feedback, and effective communication skills
Job Responsibility
Job Responsibility
  • Cybersecurity Leadership and Roadmap Development: Lead and leverage expertise in threat intelligence, vulnerability management, cloud security, threat hunting, and threat detection. Address client pain points, stay informed on research, emerging technologies, and industry trends. Shape the cybersecurity solutions roadmap, evaluating emerging technology applications and their impact on partnerships, pricing, and planning. Foster a shared vision and advocate for the customer perspective throughout development, delivery, and deployment
  • Cybersecurity Engineering Services Growth and Adoption: Drive the growth and adoption of cybersecurity engineering services by driving penetration of existing solutions in the existing markets / cybersecurity product companies, and extending solutions to enterprise companies, delivering talented engineering resources and customized offerings. Collaborate with the CRO and CTO to align revenue generation efforts and customer satisfaction goals. Ensure the viability, feasibility, and desirability of security services by leveraging cybersecurity experience and industry knowledge. Gain comprehensive insights into the cybersecurity industry, including offerings, tools, major players, and trends. Work closely with stakeholders to fuel revenue growth and champion the customer's voice
  • Client Engagement and Relationship Management: Serve as a key point of contact for new clients / customers, collaborating with the CRO and CTO to deliver compelling presentations, lead negotiations, and align revenue goals with client expectations. Build and nurture lasting client relationships through effective communication, understanding their needs, and ensuring customer satisfaction. Represent the voice of the customer, working closely with stakeholders, including the CRO and CTO, to drive revenue growth and maintain strong partnerships
  • Strategic Partnerships and Collaborations: Forge strategic partnerships and collaborations by establishing strong relationships with industry stakeholders, fostering collaboration, and creating opportunities for joint initiatives and market expansion. Collaborate with marketing and communications teams to develop impactful content and messaging that effectively communicates the value and benefits of cybersecurity engineering services
  • Thought Leadership and Innovation: Provide thought leadership and innovation in the cybersecurity industry by staying informed about research advancements, emerging technologies, and industry trends. Identify opportunities to leverage existing innovations and invest in new ideas to deliver valuable cybersecurity solutions. Utilize deep knowledge of the industry, customers, and end-users to predict the future, define roadmaps, and position the cybersecurity solutions and the company as a leader in the market. Actively engage on LinkedIn and other social media platforms to promote our services and participate in industry forums as a speaker to drive industry recognition and engagement
  • Deal Closing and Strategic Collaboration: Collaborate with stakeholders, including the CTO, CRO, partners, and clients, to align strategies with market trends and customer needs. Drive the efforts to close deals by capitalizing on the abundant leads and opportunities we receive. Conduct research and gather feedback to define the vision, goals, and roadmap for cybersecurity solutions. Provide strategic guidance for business development, leveraging your expertise in successful deal closures. Foster cross-functional collaboration to bring industry-leading cybersecurity solutions to market, driving adoption, and ensuring successful outcomes
  • Fulltime
Read More
Arrow Right

Red Team Operations Manager

To lead, oversee, and quality assure the execution of Red Team engagements end-t...
Location
Location
United Kingdom
Salary
Salary:
Not provided
bugcrowd.com Logo
Bugcrowd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience leading and/or managing Red Team engagements in enterprise environments, preferably across multiple industries (e.g. finance, critical infrastructure, cloud / SaaS / OT)
  • Deep technical knowledge of exploitation, post-exploitation, lateral movement, persistence, command & control, evasion, privilege escalation
  • Good knowledge and experience with Blue Team controls e.g. IDS/IPS, SIEM, EDR, NGFW, log analysis, detection engineering, ideally experience in bypassing or evading them safely
  • Solid experience with modern cloud environments (Azure, AWS, GCP), hybrid / on-premise networks, potentially OT/IoT/industrial environments
  • Strong tradecraft / OpSec awareness around how to avoid detection and conduct operations with minimal operational risk
  • Familiarity with CREST / STAR / TIBER etc. and regulatory / compliance requirements in relevant geographies
  • Proven experience in threat intelligence ingestion, scenario design, mapping to relevant threat actors
  • Excellent written and verbal communication skills and able to produce high quality reports, executive summaries, interact with senior leadership, legal, compliance etc.
  • Good project / operations management skills with an eye for budgeting, scheduling, resource allocation, interfacing external/internal teams
  • Ability to make real-time decisions under pressure, to balance risk vs reward
Job Responsibility
Job Responsibility
  • Lead, oversee, and quality assure the execution of Red Team engagements end-to-end from scoping & planning, through execution, reporting, to debrief and capability development
  • Ensure that all operations are safe, legal, technically robust, aligned with threat intelligence, compliance frameworks, and deliver high value to customers
  • Act as a subject-matter expert and manager for both operations and sales / client-facing aspects of Red Team services
  • Lead multiple concurrent Red Team engagements across industries
  • Define, negotiate and document scope, objectives, rules of engagement, deliverables, constraints, escalation & approval pathways
  • Oversee milestone planning e.g. kick-offs, stand-ups, wash-ups, strategic debriefs
  • Manage resources e.g. operator assignments, tooling, support functions
  • Track engagement progress vs objectives, adjust as needed
  • Assess and manage technical risk ensuring that any red team activity minimises risk to customer operations, data, systems
  • Real-time decision making during operations around TTP deployment, bypass of defenses, managing detections or unexpected discovery
Read More
Arrow Right

Red Team Operations Manager

To lead, oversee, and quality assure the execution of Red Team engagements end-t...
Location
Location
Australia
Salary
Salary:
Not provided
bugcrowd.com Logo
Bugcrowd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience leading and/or managing Red Team engagements in enterprise environments, preferably across multiple industries (e.g. finance, critical infrastructure, cloud / SaaS / OT)
  • Deep technical knowledge of exploitation, post-exploitation, lateral movement, persistence, command & control, evasion, privilege escalation
  • Good knowledge and experience with Blue Team controls e.g. IDS/IPS, SIEM, EDR, NGFW, log analysis, detection engineering, ideally experience in bypassing or evading them safely
  • Solid experience with modern cloud environments (Azure, AWS, GCP), hybrid / on-premise networks, potentially OT/IoT/industrial environments
  • Strong tradecraft / OpSec awareness around how to avoid detection and conduct operations with minimal operational risk
  • Familiarity with CREST / STAR / TIBER etc. and regulatory / compliance requirements in relevant geographies
  • Proven experience in threat intelligence ingestion, scenario design, mapping to relevant threat actors
  • Excellent written and verbal communication skills and able to produce high quality reports, executive summaries, interact with senior leadership, legal, compliance etc.
  • Good project / operations management skills with an eye for budgeting, scheduling, resource allocation, interfacing external/internal teams
  • Ability to make real-time decisions under pressure, to balance risk vs reward
Job Responsibility
Job Responsibility
  • Lead multiple concurrent Red Team engagements across industries
  • Define, negotiate and document scope, objectives, rules of engagement, deliverables, constraints, escalation & approval pathways
  • Oversee milestone planning e.g. kick-offs, stand-ups, wash-ups, strategic debriefs
  • Manage resources e.g. operator assignments, tooling, support functions
  • Track engagement progress vs objectives, adjust as needed
  • Assess and manage technical risk ensuring that any red team activity minimises risk to customer operations, data, systems
  • Real-time decision making during operations around TTP deployment, bypass of defenses, managing detections or unexpected discovery
  • Review and approve attack plans, threat modelling, intelligence
  • Ensure operators employ strong operational security (OpSec), safe tradecraft, evidence collection, clean up post-engagement
  • Maintain up-to-date knowledge of Red Team tools, adversary TTPs, defensive controls, detection systems
Read More
Arrow Right
New

Threat Analyst

As a Threat Analyst at NTT DATA, you will be responsible for researching and ana...
Location
Location
Romania , Sibiu
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, International Relations, or Intelligence Studies strongly preferred
  • Minimum 1–3 years of experience in cybersecurity or IT security roles
  • Advanced scripting capabilities (Python, PowerShell preferred)
  • Strong proficiency with threat intelligence platforms like MISP, ThreatConnect, or Anomali, Security Alliance
  • Deep familiarity with MITRE ATT&CK framework, dark web monitoring techniques, and attack simulation techniques
  • Demonstrated skills in cyber threat modeling, malware reverse engineering, and API-triggered automation
  • Strong analytical and problem-solving abilities
  • Excellent written and verbal communication skills
  • Attention to detail and accuracy in technical analysis
  • Direct experience working in government, military, or intelligence organizations advantageous
Job Responsibility
Job Responsibility
  • Research, track, and analyze Indicators of Compromise (IOCs) and threat actor profiles using sources that include open-source (OSINT), dark web forums, government feeds, and commercial intelligence platforms
  • Conduct detailed analysis of Threat Actor Tactics, Techniques, and Procedures (TTPs) and malware
  • Deliver actionable intelligence insights to enhance detection, prevention, and response embedded within the threat lifecycle
  • Develop and deliver weekly threat briefs, annual landscape overviews, and ad-hoc risk signals for both technical and non-technical audiences
  • Produce detailed reports based on industry-specific campaigns or identified vulnerability patterns
  • Communicate emerging threats to relevant technical stakeholders, influencing rapid mitigation strategy formulation
  • Integrate threat intelligence feeds (TIPs) into platforms like SIEM or SOAR, prioritizing automation workflows where required
  • Track and assess malware campaigns, underground forums, and marketplaces to identify emerging attack vectors
  • Analyze threat data to produce predictive insights about probable trends and future adversarial strategies
  • Represent NTT DATA at external security forums and intelligence-sharing communities
What we offer
What we offer
  • Smooth integration and a supportive mentor
  • Choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or joining our accredited Coaching School
  • Epic parties or themed events
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy