Threat Intelligence Researcher (Cloud)

160k – 220k | United States | Remote | 5+ YOE

Summary

Track and analyze advanced state-sponsored and financially motivated threat actors targeting cloud environments. Hunt through telemetry and data sources, attribute campaigns, and communicate findings to customers and the public.

About the role

What You'll Do

  • Identify, analyze, and track advanced state-backed or financially motivated attackers targeting cloud ecosystems
  • Hunt through data sources to identify malicious campaigns targeting Wiz customers
  • Leverage open and closed data to track infrastructure and malware used by advanced actors
  • Investigate and attribute incidents, campaigns, and threat actors to understand attackers and motivations
  • Communicate novel findings to customers and the public

Requirements

  • 5+ years of experience in security or threat research with focus on advanced state-backed actors or sophisticated financially motivated campaigns
  • Proven track record of tracking sophisticated threat actors
  • Ability to find novel and durable ways of identifying and tracking threat actors across multiple data sets
  • Deep subject matter expertise in at least one actor tracking mechanism (malware, infrastructure, etc.)
  • Experience working with large-scale telemetry, infrastructure hunting, pivoting through query languages and scripting
  • Familiarity with malware analysis and using YARA to hunt for malware
  • Willingness to take on multiple roles to build out actor tracking

Nice to Have

  • Knowledge of how attackers target AWS, GCP, Azure, Kubernetes, and modern cloud-native architectures
  • Experience building tools to exploit data sources in a repeatable and scalable manner
  • Track record of public communication of novel findings
  • Background in incident response, threat intelligence, or threat hunting

Benefits

  • Medical, dental, and vision insurance
  • Home Office Setup reimbursement
  • Flexible Spending Accounts
  • Monthly Connectivity reimbursement
  • Employee Assistance Program (EAP)
  • Short- and Long-term Disability Insurance
  • Life & Accident Insurance
  • 401(k) Retirement Savings Plan (with employer match)
  • Flexible paid time off + 11 paid holidays
  • Paid leave programs (parental, pregnancy health, medical, bereavement)

Skills

Threat Intelligence, Malware Analysis, YARA, Infrastructure Analysis, Threat Hunting, Incident Response, AWS, GCP, Azure, Kubernetes