Threat Researcher

As a Threat Researcher at SecurityScorecard, you will join a dynamic team dedicated to producing original, high-impact security research. Reporting directly to the Head of Threat Research, your primary focus will be on deep technical analysis, including reverse engineering malicious binaries, tracking adversary infrastructure, and developing novel detections. SecurityScorecard is a global leader in cybersecurity ratings, continuously evaluating over 12 million companies across 64 countries.

In this role, you will perform static and dynamic analysis of malicious binaries to understand their behavior and intent. You will develop and maintain high-fidelity detection signatures using tools like YARA, Snort, and Sigma to protect customers. Additionally, you will query massive datasets using SQL, Python, or Splunk to identify anomalies and map out adversary infrastructure. Leveraging AI and LLM automations to support your analysis workload is also a key aspect of the position.

The ideal candidate holds a Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related technical field. You should have 3–5 years of hands-on experience in technical research roles such as SOC Tier 3, Malware Analysis, or Incident Response. Proficiency in programming languages like Python, Go, or C/C++, along with experience using disassemblers such as IDA Pro or Ghidra, is essential. A hacker's curiosity and the ability to discern hidden patterns in data are highly valued.

SecurityScorecard offers a competitive salary, stock options, health benefits, unlimited PTO, parental leave, and tuition reimbursements. The estimated total compensation range for this position is $100,000 - $120,000 (base plus bonus), with actual compensation based on factors such as skills, qualifications, and experience.

Joining SecurityScorecard means becoming part of a company recognized by Inc Magazine as a "Best Workplace" and by Crain’s NY as a "Best Places to Work in NYC." The organization fosters a culture of innovation and employee engagement, offering opportunities for professional growth and the chance to contribute to cutting-edge cybersecurity research.