CrawlJobs Logo

Threat Intelligence Research Engineer

threatlocker.com Logo

ThreatLocker

Location Icon

Location:
United States , Orlando

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We’re looking for a Threat Intelligence Research Engineer who can bridge two worlds: deep cybersecurity expertise and clear, authoritative communication. In this role, you will analyze real-world threats, uncover emerging attacker behaviors, and translate complex technical findings into high-impact reports, briefs, and articles that educate and empower cybersecurity professionals. You will work at the intersection of engineering, research, and brand thought leadership, turning raw intelligence into content that drives awareness, supports our product narrative, and strengthens our authority within the cybersecurity community.

Job Responsibility:

  • Monitor, analyze, and report on emerging threats, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and global threat trends
  • Investigate vulnerabilities, misconfigurations, malware behavior, ransomware campaigns, and exploit chains
  • Conduct independent research on threat actors, intrusion patterns, and security gaps relevant to our customer base
  • Collaborate with internal engineering, SOC, and threat teams to access proprietary intelligence and validate findings
  • Produce clear, defensible, and high-accuracy analysis based on data and technical evidence
  • Transform threat research into high-quality reports, whitepapers, blogs, briefs, advisories, and thought-leadership content
  • Write in a way that resonates with cybersecurity professionals, executives, and IT leaders
  • Contribute to articles under the names of internal subject matter experts (SMEs) to elevate their voices and strengthen company authority
  • Develop clear visuals, diagrams, and technical explanations to support complex research
  • Ensure all content is technically rigorous, original, and aligned with our Zero Trust security philosophy
  • Work with the SVP of Brand Marketing to shape the company’s editorial direction on threat intelligence topics
  • Support media, PR, and analyst engagements with accurate intelligence and expert insights
  • Participate in webinars, research discussions, and cross-team reviews to maintain accuracy and consistency
  • Help position the company as a trusted voice in cybersecurity through data-driven storytelling

Requirements:

  • 5+ years in cybersecurity research, threat intelligence, security engineering, SOC analysis, or malware analysis
  • Strong knowledge of attacker TTPs, MITRE ATT&CK, malware behavior, incident response, and threat hunting workflows
  • Hands-on familiarity with tools such as SIEMs, sandboxes, EDR platforms, packet analyzers, and OSINT frameworks
  • Ability to read logs, investigate incidents, and interpret technical artifacts
  • Proven experience writing technical reports, threat advisories, security research, or cybersecurity analysis
  • Ability to translate complex material into clear, concise content without losing technical accuracy
  • Strong editorial judgment and an understanding of narrative clarity and structure
  • Deep curiosity and a research-driven mindset
  • Commitment to accuracy, integrity, and evidence-backed analysis
  • Ability to juggle multiple research topics while meeting publishing deadlines
  • A collaborative mindset and willingness to work across engineering, security, and marketing teams

Additional Information:

Job Posted:
December 13, 2025

Work Type:
On-site work
Icon
ThreatLocker - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Threat Intelligence Research Engineer

Threat Intelligence Analyst

As a Threat Analyst at UpGuard, you will be an integral member of our Threat Sca...
Location
Location
United States , Chicago
Salary
Salary:
120000.00 USD / Year
https://www.upguard.com Logo
UpGuard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Expertise in Open Source Intelligence: Strong understanding of OSINT methodologies with a focus on the open, deep, and dark web
  • Understanding of Software Development: Solid grasp of software development processes to deconstruct and interpret vulnerability disclosures effectively
  • Cross-Team Collaboration: Excellent communication skills to work with the Customer Success & Support teams, explaining capabilities and resolving customer issues
  • Independence and Initiative: A self-starter attitude with the ability to take ownership of tasks and drive them to completion independently or collaboratively
  • Technical Skills in Scripting: Proficiency in scripting languages such as Python, with the ability to learn and adapt to new programming languages as needed
Job Responsibility
Job Responsibility
  • Analyze Data Leaks: Process and assess incoming data feeds to identify whether customers have been impacted by data leaks
  • Contribute to Threat Intelligence Feeds: Enhance UpGuard’s proprietary threat intelligence feeds by researching and integrating new findings
  • Develop Vulnerability Detections: Build new product and vulnerability detections by reverse-engineering applications, analyzing vulnerability disclosures, and creating robust detection methodologies
  • Conduct Open Source Intelligence (OSINT) and Security Research: Focus heavily on identifying, analyzing, and interpreting open-source intelligence across the open, deep, and dark web to identify risks and vulnerabilities
What we offer
What we offer
  • Monthly Lifestyle subsidy: use this for financial, physical, and mental wellbeing
  • WFH set-up allowance: to ensure you have the right environment to work in, we will help you get set up within your first 3 months at UpGuard
  • $1,500 USD annual Learning & Development allowance: to support your career development all team members will be able to expense development opportunities against this allowance
  • Generous Annual Leave/PTO allowances: time to recharge your batteries
  • 18 weeks paid Parental Leave: irrespective of parenting role
  • Personal Leave allowance: this includes sick & carer’s leave
  • Fully remote working environment: while we have physical offices in Sydney & Hobart, we do not mandate compulsory attendance
  • Top-spec hardware: all team members will be provided with top-spec laptops for their roles
  • Personal device security & online privacy protection subsidy: UpGuard provides team members with a paid subscription to personal device security & online privacy protection platform
  • Generative AI subsidy: UpGuard provides paid subscriptions for all team members to access generative AI tools to support their work
  • Fulltime
Read More
Arrow Right

Senior Staff Researcher

As a Senior Designated CTI Analyst (DCA) on the Unit 42 CTI Services Delivery Te...
Location
Location
United States , Santa Clara
Salary
Salary:
139600.00 - 225775.00 USD / Year
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 7 years of experience in the cyber threat intelligence (CTI) field with a specialized focus on intelligence engineering and threat research
  • Strong understanding of security tooling, including the underlying data structures and complex data flows required for modern defense
  • Strong ability to architect scalable solutions to process, deduplicate, and enrich threat data, ensuring all intelligence is accurately tagged and discoverable by analytic end users
  • Knowledge of cyber threat actors, noteworthy attacks, and the ability to quickly recognize shifts or deviations from threat activity baselines. Ability to provide tailored defensive recommendations based on identified activity
  • A proven track record of proactive threat hunting within enterprise security consoles with a strong preference for experience using Palo Alto Networks’ Cortex product
  • Experience communicating complex threat intelligence to diverse audiences, including C-suite executives
  • Proven ability to operate under short-fuse deadlines, manage concurrent tasks, and thrive in complex and sometimes ambiguous situations
  • Deep experience with cyber threat intelligence frameworks (e.g., MITRE ATT&CK) and advanced analytical techniques
  • Previous experience supporting a customer organization as a designated resource preferred
Job Responsibility
Job Responsibility
  • Integrate intelligence use cases into security tooling, including data feed collation, deduplication, and the creation of threat dashboards
  • Correlate raw network and host-based indicators to attribute activity to specific threat actor groups, intrusion clusters, and malware families
  • Utilize Palo Alto Networks telemetry, commercial tools, and open-source data to identify and track threat activities of interest, pivoting between the customers findings and Palo Alto Networks telemetry
  • Leverage intelligence discoveries to perform threat hunts within the client’s Cortex security console
  • Provide tailored research and analysis for client-based Requests for Information (RFIs) to include relevant cyber threat activities, trends, or shifts in the threat landscape
  • Create a cyber threat profile that identifies top threats and provides tailored defensive recommendations based on their unique operational footprint
  • Assist in upskilling customer team capacity through mentorship sessions, and other micro-learning initiatives on best practices in CTI
  • Provide monthly briefings to customer leadership highlighting relevant threats, trends, and support provided
  • Fulltime
Read More
Arrow Right

Senior Staff Researcher

As a Senior Designated CTI Analyst (DCA) on the Unit 42 CTI Services Delivery Te...
Location
Location
United States , Santa Clara
Salary
Salary:
139600.00 - 225775.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 7 years of experience in the cyber threat intelligence (CTI) field with a specialized focus on intelligence engineering and threat research
  • Strong understanding of security tooling, including the underlying data structures and complex data flows required for modern defense
  • Strong ability to architect scalable solutions to process, deduplicate, and enrich threat data, ensuring all intelligence is accurately tagged and discoverable by analytic end users
  • Knowledge of cyber threat actors, noteworthy attacks, and the ability to quickly recognize shifts or deviations from threat activity baselines. Ability to provide tailored defensive recommendations based on identified activity
  • A proven track record of proactive threat hunting within enterprise security consoles with a strong preference for experience using Palo Alto Networks’ Cortex product
  • Experience communicating complex threat intelligence to diverse audiences, including C-suite executives
  • Proven ability to operate under short-fuse deadlines, manage concurrent tasks, and thrive in complex and sometimes ambiguous situations
  • Deep experience with cyber threat intelligence frameworks (e.g., MITRE ATT&CK) and advanced analytical techniques
  • Previous experience supporting a customer organization as a designated resource preferred
Job Responsibility
Job Responsibility
  • Integrate intelligence use cases into security tooling, including data feed collation, deduplication, and the creation of threat dashboards
  • Correlate raw network and host-based indicators to attribute activity to specific threat actor groups, intrusion clusters, and malware families
  • Utilize Palo Alto Networks telemetry, commercial tools, and open-source data to identify and track threat activities of interest, pivoting between the customers findings and Palo Alto Networks telemetry
  • Leverage intelligence discoveries to perform threat hunts within the client’s Cortex security console
  • Provide tailored research and analysis for client-based Requests for Information (RFIs) to include relevant cyber threat activities, trends, or shifts in the threat landscape
  • Create a cyber threat profile that identifies top threats and provides tailored defensive recommendations based on their unique operational footprint
  • Assist in upskilling customer team capacity through mentorship sessions, and other micro-learning initiatives on best practices in CTI
  • Provide monthly briefings to customer leadership highlighting relevant threats, trends, and support provided
  • Fulltime
Read More
Arrow Right

Cybersecurity Manager - Detection and Response

Microsoft Incident Response – the Detection and Response Team (DART) – part of t...
Location
Location
United Kingdom , Multiple Locations
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field and several years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection and several years of experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field and several years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience
  • Many years of people management and/or informal/indirect team leadership experience
  • Strong analytic, qualitative, and quantitative reasoning skills
  • Track record of successfully managing a technical business group and maintaining consistent growth
  • Recognized as a strategic leader who can hire, retain and motivate diverse quality talent
  • Experience leading both a services organization and product development function
  • Develop business strategy and provide technical thought leadership
  • Manage customer engagements escalations to ensure customer satisfaction
Job Responsibility
Job Responsibility
  • People Management: Responsible for mentoring, managing and leading a team of cyber security analysts, engineers, developers, leads and incident managers
  • Managers deliver success through empowerment and accountability by modeling, coaching, and caring
  • Strategic Initiatives: Secure partner relationships and work closely with internal product and services groups as well as co-delivering with Microsoft’s Partner ecosystem
  • Develop and mentor individual contributors through open communication, training and development opportunities and performance management processes
  • Develop and maintain objectives, metrics and KPIs supporting the department’s strategic direction and continuously improve incident response technical capabilities
  • Communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily understood, authoritative, and actionable manner
  • Present to a wide range and size of audiences from IT Pro, to CxO, to business decision makers
  • Technical leadership and executive presence to establish Trusted Technical Advisor to influence senior decision makers to mature and promote customer’s security posture across the overall technology landscape
  • Drive investigative teams to exhaust all investigative leads in the expectation of discovering novel attacker techniques
  • Investigate and research these techniques, and partner with threat intelligence and security engineering to drive security tooling and product enhancements
  • Fulltime
Read More
Arrow Right

Senior Product Manager – Threat Detection

As a Product Manager – Threat Detection, you will be responsible for driving the...
Location
Location
United States
Salary
Salary:
182000.00 - 219000.00 USD / Year
https://corelight.com/ Logo
Corelight
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years in a technical support, engineering, or security research role
  • 3+ years in networking in a product or practitioner role
  • 5+ years overall experience in cybersecurity, with a focus on network security and threat detection
  • Strong understanding of network protocols, network security principles, and intrusion detection methodologies
  • Experience with Zeek (Bro) and its applications within NDR and security operations
  • Experience with network forensics, packet analysis, and network-based anomaly detection
  • Strong analytical skills, with the ability to interpret and apply threat intelligence and attack frameworks (e.g., MITRE ATT&CK)
  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent experience
Job Responsibility
Job Responsibility
  • Develop and maintain a cutting edge detection engineering program via collaboration with Corelight Labs Research
  • Execute the product strategy for Corelight’s threat detection capabilities
  • Research adversary tactics, emerging network threats, and novel detection methodologies to improve the effectiveness of Corelight’s NDR solutions
  • Work closely with threat researchers, SOC analysts, and detection engineers to develop high-fidelity detection logic and optimize network threat intelligence
  • Analyze network protocols and traffic patterns to identify new ways to extract valuable security-relevant insights
  • Collaborate with engineering, UX, and security research teams to develop new features and improve the usability of Corelight’s threat detection tools
  • Contribute to open-source security initiatives, representing Corelight in the broader security community and helping drive innovation
  • Act as a technical liaison between customers, security teams, and internal stakeholders to ensure Corelight remains the gold standard for network evidence collection
  • Define, prioritize, and refine product requirements for threat detection capabilities, integrations, and intelligence applications
  • Develop detection content, documentation, and best practices for leveraging Corelight’s platform in threat hunting and incident response workflows
What we offer
What we offer
  • Equity
  • Additional benefits
  • Collaborative, inclusive, and growth-oriented culture
  • AI-assisted workflows
  • Machine learning models
  • Cloud security and SaaS-based solutions
  • Geographically distributed yet connected employee base
  • Fulltime
Read More
Arrow Right

Senior Threat Intelligence Analyst

Microsoft Customer Success Security is looking for a Senior Threat Intelligence ...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • 5+ years producing finished intelligence content on threat actors and attacker techniques including written reports, presentations, and visuals covering attribution, threat detection and hunting guidance, and remediation recommendations
  • 5+ years leading multi-disciplinary team of threat intelligence analysts leveraging incident response data
  • Proven ability to develop new threat intelligence content types, standards, and processes
  • Expertise in managing customer escalations and complex work streams with quick turnaround deliverables
  • Knowledge of customer requirements across a variety of industries and geos
  • Experience working with engineering resources to develop automated intelligence solutions
Job Responsibility
Job Responsibility
  • Create and track threat intelligence reports to support customers and internal stakeholders
  • Engage with internal stakeholders to ensure threat intelligence content integrates with various product and service groups within Microsoft
  • Ensure threat intelligence deliverables cover critical and time-sensitive threats, as well as creating new reports that close any identified gaps
  • Fulltime
Read More
Arrow Right

Graph Researcher II

The Defender Experts (DEX) Research team is at the forefront of Microsoft’s thre...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments
  • Strong understanding of graph theory, graph databases (e.g., Neo4j, TigerGraph), and graph analytics with proficiency in Python or similar languages for data analysis and prototyping
  • Experience working with large-scale datasets, distributed systems and graph analytics projects
  • Ability to translate complex threat data into graphs and actionable insights
  • Experience with machine learning or statistical modelling applied to graph data
  • Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments
  • Knowledge of adversary infrastructure tracking, malware analysis, or campaign clustering
  • Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions
Job Responsibility
Job Responsibility
  • Design and maintain scalable threat graphs that model entities such as devices, identity, threat actors, TTPs, infrastructure, and campaigns
  • Execute advanced research to develop algorithms and heuristics to detect malicious patterns and relationships within graph data on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments
  • Collaborate with threat protection researchers, data scientists, and detection engineers to enrich graph models with contextual insights and refine detection and response strategies, to provide comprehensive threat coverage and response capabilities
  • Research and prototype novel graph-based techniques for threat detection, attribution, and prioritization in collaboration with internal and external security teams
  • Translate complex raw security data into actionable graph intelligence that enhances the effectiveness of security operations for a global customer base
  • Mentor, guide, and drive best practices among researchers and detection engineers on advanced graph-based threat hunting and incident response across diverse ecosystems
  • Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat graph models, and proactively identifying threats and attack trends in the cloud
  • Fulltime
Read More
Arrow Right

Senior Security Graph Engineer

The Defender Experts (DEX) Research team is at the forefront of Microsoft’s thre...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments
  • Strong understanding of graph theory, graph databases (e.g., Neo4j, TigerGraph), and graph analytics with proficiency in Python or similar languages for data analysis and prototyping
  • Experience working with large-scale datasets, distributed systems and graph analytics projects
  • Ability to translate complex threat data into graphs and actionable insights
  • Experience with machine learning or statistical modelling applied to graph data
  • Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments
  • Knowledge of adversary infrastructure tracking, malware analysis, or campaign clustering
  • Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions
  • B. Tech or Equivalent
Job Responsibility
Job Responsibility
  • Design and maintain scalable threat graphs that model entities such as devices, identity, threat actors, TTPs, infrastructure, and campaigns
  • Lead and execute advanced research to develop algorithms and heuristics to detect malicious patterns and relationships within graph data on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments
  • Collaborate with threat protection researchers, data scientists, and detection engineers to enrich graph models with contextual insights and refine detection and response strategies, to provide comprehensive threat coverage and response capabilities
  • Research and prototype novel graph-based techniques for threat detection, attribution, and prioritization in collaboration with internal and external security teams
  • Translate complex raw security data into actionable graph intelligence that enhances the effectiveness of security operations for a global customer base
  • Mentor, guide, and drive best practices among researchers and detection engineers on advanced graph-based threat hunting and incident response across diverse ecosystems
  • Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat graph models, and proactively identifying threats and attack trends in the cloud
  • Fulltime
Read More
Arrow Right
Remote jobs Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries Tools About Us FAQ Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy