Track, analyze, and attribute advanced state-backed and financially motivated threat actors targeting cloud environments. Requires 5+ years in threat research with expertise in malware, infrastructure tracking, and large-scale telemetry analysis.
151k – 208k
Remote5+ YOESecurity Engineering
About the role
What You'll Do
Identify, analyze, and track advanced state-backed or financially motivated attackers that target cloud ecosystems.
Hunt through a wide range of data sources to identify malicious campaigns targeting Wiz customers.
Leverage open and closed-data to track the infrastructure and malware used by advanced actors.
Investigate and attribute incidents, campaigns, and threat actors to understand more about the attackers and what motivates them.
Communicate novel findings to multiple audiences, including customers and the public.
What You'll Bring
5+ years of experience in security or threat research, with a focus on either advanced state-backed actors or sophisticated financially motivated campaigns.
Proven track record of tracking sophisticated threat actors.
Ability to find novel and durable ways of identifying and tracking threat actors across multiple data sets.
Deep subject matter expertise in at least one actor tracking mechanism (malware, infrastructure, etc).
Experience working with large-scale telemetry, especially infrastructure hunting and by pivoting through query languages and scripting.
Familiarity with malware analysis and using YARA to hunt for malware.
Willingness to take on multiple roles to build out actor tracking.
Advantages
Knowledge of how attackers target the major cloud and identity providers (AWS, GCP, Azure), Kubernetes, and modern cloud-native architectures.
Experience building tools to exploit data sources in a repeatable and scalable manner.
Track record of public communication of novel and newsworthy findings.
Background in incident response, threat intelligence, or threat hunting.
Benefits
Medical, dental and vision insurance
Home Office Setup reimbursement
Flexible Spending Accounts
Monthly Connectivity reimbursement
Employee Assistance Program (EAP)
Short- and Long-term Disability Insurance
Life & Accident Insurance
401(k) Retirement Savings Plan (with employer match)
Flexible paid time off + 11 paid holidays
Paid leave programs, including parental, pregnancy health, medical and bereavement leave
Build and scale Mercor's novel identity and access management infrastructure across thousands of Slack workspaces and HR systems for a 100k+ expert network. Requires strong product engineering, large-scale distributed systems experience, and security-minded design instincts.
150k – 325k
On-site5+ YOESecurity Engineering
IT Security Operations Engineer
AKASASan Francisco, CA
IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.
150k – 190k
Hybrid4+ YOESecurity Engineering
Security Engineer
NovigNew York, NY
Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.
150k – 200k
On-site5+ YOESecurity Engineering
Governance, Risk & Compliance Engineer
FalSan Francisco, CA
GRC Engineer responsible for designing and improving governance, risk management, and compliance programs at a generative AI platform company. Manage certifications (SOC 2, ISO 27001, GDPR), lead risk assessments, support customer security reviews, and develop automation for cloud and AI infrastructure controls.
150k – 250k
On-site5+ YOESecurity Engineering
Manager, Security Incident Response Team (USA)
GitLabUnited States
Leads the Security Incident Response Team in the Americas, managing engineers through threat hunting, investigations, triage, and large-scale responses while coaching performance and driving process improvements using AI and automation.