# Threat Intelligence Researcher (Cloud)

**Company:** [Wiz](https://hotfix.jobs/companies/wiz)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $151k – $208k/yr
**Experience:** 5+ years
**Skills:** Threat Intelligence, Malware Analysis, Yara, AWS, GCP, Azure, Kubernetes, Infrastructure Analysis, Telemetry Analysis, Incident Response
**Posted:** 2026-05-28

> Track, analyze, and attribute advanced state-backed and financially motivated threat actors targeting cloud environments. Requires 5+ years in threat research with expertise in malware, infrastructure tracking, and large-scale telemetry analysis.

## Job Description

## What You'll Do
- Identify, analyze, and track advanced state-backed or financially motivated attackers that target cloud ecosystems.
- Hunt through a wide range of data sources to identify malicious campaigns targeting Wiz customers.
- Leverage open and closed-data to track the infrastructure and malware used by advanced actors.
- Investigate and attribute incidents, campaigns, and threat actors to understand more about the attackers and what motivates them.
- Communicate novel findings to multiple audiences, including customers and the public.

## What You'll Bring
- 5+ years of experience in security or threat research, with a focus on either advanced state-backed actors or sophisticated financially motivated campaigns.
- Proven track record of tracking sophisticated threat actors.
- Ability to find novel and durable ways of identifying and tracking threat actors across multiple data sets.
- Deep subject matter expertise in at least one actor tracking mechanism (malware, infrastructure, etc).
- Experience working with large-scale telemetry, especially infrastructure hunting and by pivoting through query languages and scripting.
- Familiarity with malware analysis and using YARA to hunt for malware.
- Willingness to take on multiple roles to build out actor tracking.

## Advantages
- Knowledge of how attackers target the major cloud and identity providers (AWS, GCP, Azure), Kubernetes, and modern cloud-native architectures.
- Experience building tools to exploit data sources in a repeatable and scalable manner.
- Track record of public communication of novel and newsworthy findings.
- Background in incident response, threat intelligence, or threat hunting.

## Benefits
- Medical, dental and vision insurance
- Home Office Setup reimbursement
- Flexible Spending Accounts
- Monthly Connectivity reimbursement
- Employee Assistance Program (EAP)
- Short- and Long-term Disability Insurance
- Life & Accident Insurance
- 401(k) Retirement Savings Plan (with employer match)
- Flexible paid time off + 11 paid holidays
- Paid leave programs, including parental, pregnancy health, medical and bereavement leave

## Similar roles

- [Software Engineer, Identity](https://hotfix.jobs/jobs/95795ec8-bfd1-44c8-a7a1-b16c9be3d31b) - Mercor - San Francisco, CA - $150k – $325k/yr
- [IT Security Operations Engineer](https://hotfix.jobs/jobs/ab8df8f3-05c1-4b41-a516-c95445575498) - AKASA - San Francisco, CA - $150k – $190k/yr
- [Security Engineer](https://hotfix.jobs/jobs/79d32979-efc0-42db-8089-267517d351aa) - Novig - New York, NY - $150k – $200k/yr
- [Governance, Risk & Compliance Engineer](https://hotfix.jobs/jobs/5dc30200-7d11-41fc-9e8e-f0f18b5b8caf) - Fal - San Francisco, CA - $150k – $250k/yr
- [Manager, Security Incident Response Team (USA)](https://hotfix.jobs/jobs/1cfbd1e7-a701-4a35-b746-7380bcf6ffac) - GitLab - Remote - $150k – $235k/yr

**Apply:** https://hotfix.jobs/jobs/d96cf3cb-eae0-4049-a146-831c6d933b20
**Canonical:** https://hotfix.jobs/jobs/d96cf3cb-eae0-4049-a146-831c6d933b20