Lead Cyber Threat Investigator
This position is crucial in leading Pinterest’s initiatives to detect, assess, and address scaled abuse both within our platform and across external digital environments such as social media and forums. The successful candidate will be instrumental in upholding Pinterest’s dedication to Pinner safety and maintaining platform integrity. Key responsibilities include designing intelligence-gathering operations, deriving actionable insights from external data sources, and collaborating with various teams to shape Trust & Safety strategies aimed at preventing abuse.
What you’ll do:
Lead the strategy for gathering intelligence from external vendors on cybercrime activities such as phishing, malware, drugs, and financial scams, etc.
Oversee off-platform activities that monitor both surface and dark web threats targeting Pinterest and its users.
Enhance internal intelligence resources to ensure timely threat detection and reporting, aligned with Pinterest’s Trust & Safety's anti-abuse initiatives.
Analyze external abuse patterns to produce actionable insights that guide team focus and resource allocation.
Collaborate closely with Legal, Operations, Product, and Policy teams to integrate external threat intelligence into Pinterest’s safety mechanisms.
Create scalable processes, contribute to tool development, and build resources to optimize the use of external intelligence.
Identifies and monitors metrics and milestones as well as assists in meeting success metrics by expanding the coverage of off-platform abuse, delivering actionable intelligence reports, and achieving measurable results in threat mitigation.
Consistently research new trends, tools, and techniques to improve Pinterest’s ability to monitor off-platform abuse.
Foster a culture of innovation and cooperation while building strong relationships with external partners and internal teams.
Build and sustain strategic partnerships with industry peers to enhance Pinterest’s understanding of global internet abuse and ensure alignment of capabilities.
Generate in-depth analyses and high-level summaries of abuse trends and investigation findings, ensuring they provide valuable insights and clear actions.
Demonstrate professionalism and comply with security protocols when handling sensitive investigations.
What we’re looking for (Basic Qualifications):
Educational degree in cybersecurity, intelligence, or a related field, or equivalent experience.
5+ years of experience in cybercrime investigations or threat intelligence with a focus in both internal and off-platform investigations as well as OSINT-based investigations.
Proficient in SQL.
Exceptional written and verbal communication skills, with experience managing executive-level communications.
Extensive knowledge of technologies and tooling for monitoring both the surface and dark web, with an emphasis on operational security and gathering digital evidence.
What we’re looking for (Preferred Qualifications):
Expertise in open-source intelligence (OSINT) methods, attribution, and creating refined intelligence reports.
Strong technical skills with experience in tools like Python and link analysis software.
Understanding of threat actors’ communication methods and behavioral patterns.
Demonstrated ability to work with cross-functional groups, including Product, Engineering, Legal, Operations, and Trust & Safety teams.
History of encouraging innovation and partnering with top-performing teams across various regions and time zones.
Relocation Statement:
This position is not eligible for relocation assistance. Visit our PinFlex page to learn more about our working model.
Relocation Statement:
This position is not eligible for relocation assistance. Visit our PinFlex page to learn more about our working model.
In-Office Requirement:
We let the type of work you do guide the collaboration style. That means we're not always working in an office, but we continue to gather for key moments of collaboration and connection.
This role will need to be in the office for in-person collaboration 1-2 times/quarter and therefore can be situated anywhere in the country.
#LI-PW1
#LI-REMOTE
About the job
Apply for this position
Lead Cyber Threat Investigator
This position is crucial in leading Pinterest’s initiatives to detect, assess, and address scaled abuse both within our platform and across external digital environments such as social media and forums. The successful candidate will be instrumental in upholding Pinterest’s dedication to Pinner safety and maintaining platform integrity. Key responsibilities include designing intelligence-gathering operations, deriving actionable insights from external data sources, and collaborating with various teams to shape Trust & Safety strategies aimed at preventing abuse.
What you’ll do:
Lead the strategy for gathering intelligence from external vendors on cybercrime activities such as phishing, malware, drugs, and financial scams, etc.
Oversee off-platform activities that monitor both surface and dark web threats targeting Pinterest and its users.
Enhance internal intelligence resources to ensure timely threat detection and reporting, aligned with Pinterest’s Trust & Safety's anti-abuse initiatives.
Analyze external abuse patterns to produce actionable insights that guide team focus and resource allocation.
Collaborate closely with Legal, Operations, Product, and Policy teams to integrate external threat intelligence into Pinterest’s safety mechanisms.
Create scalable processes, contribute to tool development, and build resources to optimize the use of external intelligence.
Identifies and monitors metrics and milestones as well as assists in meeting success metrics by expanding the coverage of off-platform abuse, delivering actionable intelligence reports, and achieving measurable results in threat mitigation.
Consistently research new trends, tools, and techniques to improve Pinterest’s ability to monitor off-platform abuse.
Foster a culture of innovation and cooperation while building strong relationships with external partners and internal teams.
Build and sustain strategic partnerships with industry peers to enhance Pinterest’s understanding of global internet abuse and ensure alignment of capabilities.
Generate in-depth analyses and high-level summaries of abuse trends and investigation findings, ensuring they provide valuable insights and clear actions.
Demonstrate professionalism and comply with security protocols when handling sensitive investigations.
What we’re looking for (Basic Qualifications):
Educational degree in cybersecurity, intelligence, or a related field, or equivalent experience.
5+ years of experience in cybercrime investigations or threat intelligence with a focus in both internal and off-platform investigations as well as OSINT-based investigations.
Proficient in SQL.
Exceptional written and verbal communication skills, with experience managing executive-level communications.
Extensive knowledge of technologies and tooling for monitoring both the surface and dark web, with an emphasis on operational security and gathering digital evidence.
What we’re looking for (Preferred Qualifications):
Expertise in open-source intelligence (OSINT) methods, attribution, and creating refined intelligence reports.
Strong technical skills with experience in tools like Python and link analysis software.
Understanding of threat actors’ communication methods and behavioral patterns.
Demonstrated ability to work with cross-functional groups, including Product, Engineering, Legal, Operations, and Trust & Safety teams.
History of encouraging innovation and partnering with top-performing teams across various regions and time zones.
Relocation Statement:
This position is not eligible for relocation assistance. Visit our PinFlex page to learn more about our working model.
Relocation Statement:
This position is not eligible for relocation assistance. Visit our PinFlex page to learn more about our working model.
In-Office Requirement:
We let the type of work you do guide the collaboration style. That means we're not always working in an office, but we continue to gather for key moments of collaboration and connection.
This role will need to be in the office for in-person collaboration 1-2 times/quarter and therefore can be situated anywhere in the country.
#LI-PW1
#LI-REMOTE