Principal Threat Researcher
Position Summary
We are seeking a highly skilled and motivated Senior or Principal Threat Researcher with a strong technical background in cybersecurity and previous experience in creating high-quality customer-facing content. This individual will play a key role in researching emerging cyber threats and developing content such as white papers, blog posts, webinars, and other marketing materials with ExtraHop’s marketing team. The ideal candidate will have a deep understanding of threat actors and cybersecurity trends, combined with the ability to effectively communicate complex technical findings.
As a Principal Threat Researcher, you will work independently and collaborate with Detection Engineers and Data Scientists to conduct threat research and the marketing team to develop compelling and informative content that showcases the team’s findings and positions the company as a thought leader in the industry.
ExtraHop R&D supports fully-flexible work options that include full-time onsite, hybrid, and fully remote working arrangements. Except for a few roles that require physical access, we believe in supporting you in making the choice that works best for you and makes the team successful.
Key Responsibilities
Threat research and analysis:
Conduct in-depth research on emerging network security threats, threat actors, vulnerabilities, and malware campaigns.
Reproduce and simulate attack techniques in lab environments to understand their network signatures and to ensure thorough detection coverage.
Continuously monitor threat intelligence sources to stay on top of emerging threats and trends.
Present findings and work results to other internal teams.
Content creation:
Develop high-quality, customer-facing content based on threat research, including white papers, blog posts, and case studies.
Create and deliver engaging webinars, video content, and presentations to communicate research findings to both technical and non-technical audiences.
Work closely with the marketing team to craft messages that align with the company’s brand and objectives.
Mentorship:
Mentor and coach other Threat Researchers regarding writing and content creation.
Required Qualifications
8+ years of experience in threat research or threat intelligence
Experience is producing public-facing written content, including white papers, blog posts, newsletters, and/or video content, such as webinars
In-depth knowledge of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7
Experience in detecting and reproducing network attacks, such as vulnerability exploitation, system discovery, and lateral movement techniques
In-depth knowledge of the latest cyber threats, threat actors, and attack techniques
Experience with security tools such as Wireshark, TShark, tcpdump, Suricata, or other packet capture/analysis tools
Preferred Qualifications
In-depth knowledge of Windows protocols and attack techniques
Experience working with cross-functional teams, including marketing and sales
Proficient in at least one scripting or programming language (e.g., Python, JavaScript, Golang, YAML/TOML, etc.)
Familiarity with software development tools such as: gitlab, github
The salary range for this position is 160,000 - 190,000 base + bonus + benefits
About the job
Apply for this position
Principal Threat Researcher
Position Summary
We are seeking a highly skilled and motivated Senior or Principal Threat Researcher with a strong technical background in cybersecurity and previous experience in creating high-quality customer-facing content. This individual will play a key role in researching emerging cyber threats and developing content such as white papers, blog posts, webinars, and other marketing materials with ExtraHop’s marketing team. The ideal candidate will have a deep understanding of threat actors and cybersecurity trends, combined with the ability to effectively communicate complex technical findings.
As a Principal Threat Researcher, you will work independently and collaborate with Detection Engineers and Data Scientists to conduct threat research and the marketing team to develop compelling and informative content that showcases the team’s findings and positions the company as a thought leader in the industry.
ExtraHop R&D supports fully-flexible work options that include full-time onsite, hybrid, and fully remote working arrangements. Except for a few roles that require physical access, we believe in supporting you in making the choice that works best for you and makes the team successful.
Key Responsibilities
Threat research and analysis:
Conduct in-depth research on emerging network security threats, threat actors, vulnerabilities, and malware campaigns.
Reproduce and simulate attack techniques in lab environments to understand their network signatures and to ensure thorough detection coverage.
Continuously monitor threat intelligence sources to stay on top of emerging threats and trends.
Present findings and work results to other internal teams.
Content creation:
Develop high-quality, customer-facing content based on threat research, including white papers, blog posts, and case studies.
Create and deliver engaging webinars, video content, and presentations to communicate research findings to both technical and non-technical audiences.
Work closely with the marketing team to craft messages that align with the company’s brand and objectives.
Mentorship:
Mentor and coach other Threat Researchers regarding writing and content creation.
Required Qualifications
8+ years of experience in threat research or threat intelligence
Experience is producing public-facing written content, including white papers, blog posts, newsletters, and/or video content, such as webinars
In-depth knowledge of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7
Experience in detecting and reproducing network attacks, such as vulnerability exploitation, system discovery, and lateral movement techniques
In-depth knowledge of the latest cyber threats, threat actors, and attack techniques
Experience with security tools such as Wireshark, TShark, tcpdump, Suricata, or other packet capture/analysis tools
Preferred Qualifications
In-depth knowledge of Windows protocols and attack techniques
Experience working with cross-functional teams, including marketing and sales
Proficient in at least one scripting or programming language (e.g., Python, JavaScript, Golang, YAML/TOML, etc.)
Familiarity with software development tools such as: gitlab, github
The salary range for this position is 160,000 - 190,000 base + bonus + benefits