Threat Researcher

Job Description

• Actively research a variety of cyber threats using technical analysis techniques, data analysis, and both open-source and deep/dark web intelligence gathering.
• Produce both long and short form finished intelligence products, including threat reports, intelligence briefings, whitepapers, and RFI deliverables.
• Partner with Marketing and other content teams to translate intelligence findings into blog posts and other material demonstrating Fortra’s thought leadership.
• Perform cutting-edge research on BEC and other types of phishing attacks.
• Write intelligence alerts, threat reports, whitepapers, and blog posts based on research findings from Fortra’s Threat Intelligence teams.
• Participate in a peer review process of intelligence deliverables by providing notes and constructive feedback.
• Analyze threats to identify novel adversary capabilities, tactics, techniques, and procedures.
• Conduct data analysis to identify notable trends and activity groups in email- delivered, Account Takeover, and Digital Impersonation activity across the cybercrime ecosystem.
• Monitor previously identified activity groups over time to track activity and evolution in their behavior.
• Engage with customers and internal stakeholders to conduct RFI intake briefings and communicate threat research findings. This will involve presenting findings to key stakeholders.

• 2 to 5 years in security operations, or 1-3 years in intelligence analysis or investigative journalism.
• Strong understanding of social engineering techniques, phishing threats, and digital impersonation tactics.
• Able to effectively develop intelligence requirements to an RFI via interaction with stakeholders.
• Exceptional research skills using both OSINT and private threat data.
• Outstanding data analysis skills and experience with data analysis tools, including Microsoft Excel.
• Exceptionally strong analytical reasoning, problem-solving, and decision-making skills.
• Ability to write reports communicating complex research findings to a broad audience.
• Able to effectively present analytical findings to both technical and non-technical audiences.
• Desire to self-develop in order to keep up with the evolving threat landscape.
• Able to work independently and effectively as part of a remote team with minimal supervision.
• Experience querying both relational and non-relational databases.
• Intermediate scripting knowledge, and an aptitude for automating routine or repetitive tasks.
• Understanding of web-based languages including HTML, PHP, and JavaScript.

• Health, dental, and vision coverage as of hire
• Immediate enrollment in 401(k), HSA, and FSA plans
• Flexible PTO policy
• Tuition and personal enrichment reimbursement
• Option to enroll in ID Theft Protection Program