Principal Threat Researcher

Summary

Join ExtraHop, a leading provider of network detection and response (NDR) technology, as a Senior or Principal Threat Researcher. You will play a crucial role in researching emerging cyber threats and developing high-quality customer-facing content, such as white papers, blog posts, and webinars. This position requires a deep understanding of threat actors and cybersecurity trends, combined with strong communication skills to effectively convey complex technical findings. You will work independently and collaborate with other teams to conduct threat research and create compelling content that showcases ExtraHop's expertise in the industry. ExtraHop offers flexible work arrangements, including full-time onsite, hybrid, and fully remote options, allowing you to choose the work environment that best suits your needs.

Requirements

• 8+ years of experience in threat research or threat intelligence
• Experience is producing public-facing written content, including white papers, blog posts, newsletters, and/or video content, such as webinars
• In-depth knowledge of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7
• Experience in detecting and reproducing network attacks, such as vulnerability exploitation, system discovery, and lateral movement techniques
• In-depth knowledge of the latest cyber threats, threat actors, and attack techniques
• Experience with security tools such as Wireshark, TShark, tcpdump, Suricata, or other packet capture/analysis tools

Responsibilities

• Conduct in-depth research on emerging network security threats, threat actors, vulnerabilities, and malware campaigns
• Reproduce and simulate attack techniques in lab environments to understand their network signatures and to ensure thorough detection coverage
• Continuously monitor threat intelligence sources to stay on top of emerging threats and trends
• Present findings and work results to other internal teams
• Develop high-quality, customer-facing content based on threat research, including white papers, blog posts, and case studies
• Create and deliver engaging webinars, video content, and presentations to communicate research findings to both technical and non-technical audiences
• Work closely with the marketing team to craft messages that align with the company’s brand and objectives
• Mentor and coach other Threat Researchers regarding writing and content creation

Preferred Qualifications

• In-depth knowledge of Windows protocols and attack techniques
• Experience working with cross-functional teams, including marketing and sales
• Proficient in at least one scripting or programming language (e.g., Python, JavaScript, Golang, YAML/TOML, etc.)
• Familiarity with software development tools such as: gitlab, github

Benefits

• Health, Dental, and Vision Benefits
• Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time
• Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan
• FSA and Dependent Care Accounts + EAP, where applicable
• Educational Reimbursement
• 401k with Employer Match or Pension where applicable
• Pet Insurance (US Only)
• Parental Leave (US Only)
• Hybrid and Remote Work Model