Senior Research Engineer, Threat Intelligence

14 hours, 42 minutes ago
Full-time
Senior
Software Development
SecurityScorecard

SecurityScorecard is a cybersecurity company that provides a powerful AI-driven platform to identify and eliminate cyber risks across all attack surfaces.

IT Services
251-1K
Founded 2014
$292M raised

Description

  • Own the path from research output to production-ready artifacts such as detection rules, distributed feeds, scoring inputs, and customer alerts.
  • Build and maintain STRIKE platform components across distribution servers, sandbox orchestration, OSINT ingestion, federated sharing endpoints, agent runtimes, and rules engines.
  • Turn research into shipped detection content including YARA, Sigma, STIX patterns, behavioral indicators, and delivery pipelines.
  • Build correlation pipelines that connect scan data, attack surface signals, vulnerability data, and adversary tracking into customer-facing intelligence.
  • Drive adoption of STIX 2.1 as the unified output schema and TAXII 2.1 as the distribution standard.
  • Define, govern, and extend schemas that remain reliable for downstream teams.
  • Build automation for indicator enrichment, report drafting, corpus correlation, feed normalization, and sandbox triage.
  • Develop safe, production-grade workflows for model-assisted and model-driven research, including retrieval, schema-constrained output, eval harnesses, and logging.
  • Coordinate with engineering, measurement, and platform product teams to ensure research work lands in product.
  • Serve as the engineering bridge between researchers, product managers, platform engineers, and sometimes customers, journalists, or executives.

Requirements

  • Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related technical field, or equivalent self-taught experience with strong public work.
  • 5 to 8 years of hands-on engineering experience with meaningful exposure to threat intelligence, security research, or detection engineering.
  • Prior experience building production systems that consume or emit threat intelligence data is required.
  • Production-level experience with Python and TypeScript/Node.
  • Experience with relational and cache data stores, plus at least one streaming or batch data platform.
  • Experience with cloud infrastructure, preferably AWS, containers, and CI/CD pipelines.
  • Working knowledge of STIX 2.1, TAXII 2.1, MISP, and MITRE ATT&CK.
  • Hands-on experience with YARA, Sigma, and STIX Patterning.
  • Experience reading malware analysis output, parsing adversary infrastructure data, and writing detection logic that performs in production.
  • Experience shipping production language-model systems with retrieval over a real corpus, structured output validation, eval harnesses, and awareness of model failure modes.
  • Strong judgment about when to use models versus simpler approaches such as regex or SQL.
  • Bonus: experience with policy-as-code or expression-language engines such as CEL or OPA.
  • Bonus: published or co-authored security research on campaigns, vulnerabilities, or adversary tracking.
  • Bonus: large-scale telemetry experience with tools such as Splunk, Kinesis, NetFlow, or equivalent.
  • Bonus: contributor or maintainer on open-source threat intel projects such as MISP, OpenCTI, Sigma, STIX, or ATT&CK.
  • Bonus: familiarity with quantitative risk frameworks such as FAIR.
  • Bonus: familiarity with Golang at a production level.

Benefits

  • Competitive salary with estimated total compensation of $140,000 to $150,000 base plus bonus.
  • Stock options and potential equity awards.
  • Health benefits.
  • Unlimited PTO.
  • Parental leave.
  • Tuition reimbursement.
  • Annual performance-based incentive compensation awards.
  • Flexible benefits that vary by country.
