# Threat Analyst
**Company:** [Socket](https://hotfix.jobs/companies/socket)
**Location:** Remote
**Salary:** $126K-$170K
**Experience:** 3+ years
**Skills:** Malware Analysis, Reverse Engineering, Threat Intelligence, Threat Hunting, Digital Forensics, Incident Response, Detection Engineering, TypeScript, JavaScript, LLMs, Ai-Based Tools, Automation Scripting, GitHub, GitLab
**Posted:** 2025-12-23
> Analyzes software supply chain threats using AI scanners, conducts malware analysis and threat hunting, builds automation tools, and integrates research into products to protect open source ecosystems. Requires 3+ years in security operations and master's degree.
## Job Description
## What You'll Do
- Analyze numerous unique threats daily, maintaining a standard of quality that sets the industry benchmark for supply chain security.
- Author high-impact technical blog posts on malicious open source code packages and extensions, and publish deep-dive research pieces on malicious campaigns, threat actor profiles, novel attack vectors, and ecosystem-wide trends.
- Design and build automated scripts and tools to streamline malware analysis, enhancing our data collection, threat analysis, and threat hunting workflows.
- Partner with our engineering team to integrate your research into our core product, turning manual insights into scalable, real-time protection.
- Leverage expertise in open source software ecosystems to enhance security across package registries, browser extensions (Chrome/VS Code), and proactively monitor GitHub/GitLab for emerging malicious campaigns.
- Track APT (Advanced Persistent Threat) adversaries, characterizing various TTPs (Tactics, Techniques, and Procedures), capabilities, infrastructure, and campaigns.

## What You'll Bring
**Required:**
- 3+ years of work experience and a master’s degree in computer science, engineering, or a related field (or equivalent experience).
- Technical experience across several areas of security operations, including investigations, incident response and management, digital forensics, malware analysis, reverse engineering, threat intelligence, threat hunting, and detection engineering.
- Excellent communication skills and the ability to assess the relevance and impact of threats.
- Experience building tools for automation, data collection, and threat hunting.
- Passion for open source and code.

**Preferred:**
- Familiarity with TypeScript/JavaScript and/or other programming languages and ecosystems protected by Socket.
- Experience leveraging LLMs or AI-based tools for threat detection.

## Benefits
- Market competitive salary bands
- Meaningful equity program
- Comprehensive health benefits for you and your family
- Flexible time-off, holidays, and winter shutdown to rest & recharge
- Paid parental leave
- Remote-first, with quarterly team off-sites
**Apply:** https://hotfix.jobs/jobs/threat-analyst-at-socket-4b2b74c9-ad53-4093-b1b0-636a8b41216c
**Canonical:** https://hotfix.jobs/jobs/threat-analyst-at-socket-4b2b74c9-ad53-4093-b1b0-636a8b41216c