Mid-Level

Threat Researcher

SecurityScorecard

Remote (EMEA)
Posted April 27, 2026

Job Description

About SecurityScorecard:

SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting, making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint.

Headquartered in New York City, our culture has been recognized by Inc Magazine as a "Best Workplace," by Crain’s NY as a "Best Places to Work in NYC," and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of the World’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.” SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital.

About the Role:

You'll be joining a growing threat research team at SecurityScorecard, working directly under the Head of Threat Research to produce original, high-impact security research. This is fundamentally a research role — the expectation is that you spend the majority of your time performing deep technical analysis: reverse engineering malicious binaries, tracking adversary infrastructure, developing detections, and producing findings that are genuinely novel.

The team's research output serves the entire organization — from engineering and data science to marketing and customer success — and you'll have visibility across those stakeholder groups as the team matures. You'll contribute to published whitepapers and technical reports, and you should be comfortable presenting your own research findings, whether in customer-facing meetings or at industry conferences. Customer interaction is a real but measured part of the role; the expectation is that when customers want to engage with the researcher behind a specific piece of work, you're available and confident doing that.

This is a role for someone who does their best work when given hard problems and the autonomy to chase them down.

Key Responsibilities: 

  • Reverse Engineering: Perform static and dynamic analysis of malicious binaries to understand their behavior and intent.
  • Detection Engineering: Develop and maintain high-fidelity detection signatures (YARA, Snort, Sigma) to protect customers.
  • Data Mining: Query massive datasets (using SQL, Python, or Splunk) to identify anomalies and map out adversary infrastructure.
  • AI and LLM Automation: Design and leverage AI and LLM automations to support your analysis workload.
  • Technical Reporting: Produce detailed technical whitepapers and internal briefings on original discoveries.
  • Deep Technical Research: Identify, track, and analyze advanced persistent threats (APTs) and their malicious infrastructure to gain insights into attack vectors, victimology, and scale.

Qualifications:

  • Education: Bachelor's or Master's in Computer Science, Cybersecurity, or a highly technical equivalent.
  • Experience: 3–5 years in a hands-on technical research role (SOC Tier 3, Malware Analysis, or Incident Response).
  • Technical Skills: Proficiency in Python, Go, or C/C++; experience with disassemblers such as IDA Pro or Ghidra.
  • Mindset: A hacker's curiosity — the ability to look at a data point and see the hidden pattern.
  • Bonus: Experience with Splunk, Kinesis, or large-scale data processing.

Benefits:

Actual compensation for the position is based on a variety of factors, including, but not limited to, affordability, skills, qualifications and experience, and may vary from the range. In addition to base salary, employees may also be eligible for annual performance-based incentive compensation awards and equity, among other company benefits.

SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy), gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law.

We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact talentacquisitionoperations@securityscorecard.io.

Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. 

SecurityScorecard does not accept unsolicited resumes from employment agencies. Please note that we do not provide immigration sponsorship for this position.
