Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Research Engineer, Threat Intelligence

$140k - $150k

Zoomcar

About the Role You'll join STRIKE, SecurityScorecard's Threat Intelligence team, as the engineering counterpart to research. STRIKE runs several research motions in parallel, each on its own clock: rapid response to active events, longer product‑tied work, and standards‑anchored research on a quarterly cadence. The path from a finding to a shipped detection or feed gets reinvented every time. That’s the problem this role is here to solve. You'll work directly with the senior technical leader who owns STRIKE’s R&D direction, and report to the Head of Threat Research for people management. Technical direction comes from R&D leadership; you own delivery. You'll take a research artifact (a malware finding, an infrastructure cluster, a new indicator class, a behavioral pattern) and turn it into something the company can use without a second round of engineering: schemas, pipeline hooks, distribution feeds, detection rules, or platform APIs. This isn’t a pure research role, and it isn’t a pure platform role either. Researchers ideate, you ship. Key Responsibilities Research‑to‑Production Pipeline Own the path from research output to production‑ready artifact: a detection rule, a distributed feed, a scoring input, or a customer alert. Partner with adjacent teams to define clean handoff contracts, so new signals arrive downstream with the schema, value framing, and consumption pattern already defined. Threat Intelligence Platform Engineering Build and maintain STRIKE platform components across multiple services and runtimes, including distribution servers, sandbox orchestration, OSINT ingestion, federated sharing endpoints, agent runtimes, and rules engines that operate over standards‑anchored predicates. Extend these systems without breaking the data contracts already in production. Detection Content and Signal Production Turn research into shipped detection content: YARA, Sigma, STIX patterns, behavioral indicators, and the pipelines that distribute them. Build correlation pipelines that link scan data, attack surface signals, vulnerability data, and adversary tracking into customer‑facing intelligence. Data Model and Standards Adoption Drive STIX 2.1 adoption as a unified output schema and TAXII 2.1 as a distribution standard. Define and govern schemas that hold up once they reach downstream teams. Research Workflow Engineering Build the automation that removes commodity overhead from research work: indicator enrichment, report drafting, corpus correlation, feed normalization, and sandbox triage. Help move the team from analyst‑driven, model‑assisted workflows toward model‑driven workflows with analyst review. The work that matters most here is often the unglamorous part: retrieval grounded in the team’s own corpus so outputs cite sources rather than model priors, schema‑constrained output so a generated indicator is a valid one, and eval harnesses that catch regressions before analysts do. Cost accounting, latency budgeting, prompt versioning, and output logging round out the infrastructure that makes a workflow safe to run unattended. You should have a clear sense of when a model is the wrong tool. A regex beats a model for known patterns; a SQL query beats a model for structured data. Knowing where that line sits, and respecting it, is part of the job. Cross‑Functional Delivery Coordinate with engineering, measurement, and platform product teams so research actually lands in product. You’ll often serve as the engineering voice translating between researchers, product managers, and platform engineers, and you may occasionally explain the work to customers, journalists, or executives. Qualifications Education Bachelor’s or Master’s in Computer Science, Cybersecurity, or a related technical field. Self‑taught practitioners with strong public work are welcome. Experience 5 to 8 years in a hands‑on engineering role with meaningful exposure to threat intelligence, security research, or detection engineering. Prior experience building production systems that consume or emit threat intel data is required. Technical Skills Python and TypeScript/Node at a production level Relational and cache data stores, plus at least one streaming or batch data platform Cloud infrastructure (AWS preferred), containers, and CI/CD pipelines Working knowledge of STIX 2.1, TAXII 2.1, MISP, and MITRE ATT\&CK, and how they work together in practice Detection and Research Tooling Hands‑on experience with YARA, Sigma, and STIX Patterning. Comfortable reading malware analysis output, parsing adversary infrastructure data, and writing detection logic that holds up under production load. Applied Language Models You’ve shipped production systems that use language models, not just demos. That includes retrieval over a real corpus, structured output with schema validation, eval harnesses that catch regressions before users do, and a solid understanding of where models fail: recency, long‑tail facts, numerical reasoning, and adversarial input or prompt injection. You can do the cost‑per‑task math for your workloads, and you can make the case when a smaller, tightly scaffolded model beats a larger one. You approach model output with healthy skepticism by default. The bar for shipping a model‑generated indicator or detection is higher than for shipping a regex, and you understand why and design accordingly. Bridge Mindset You write code that ships, and you understand why researchers think the way they do. If you’ve only ever worked from a backlog handed down by a product manager, this probably isn’t the right fit. If you’ve taken an idea sketched out in a chat message and turned it into a deployed pipeline before the next sprint began, that’s the mode we’re looking for. Bonus Experience with policy‑as‑code or expression‑language engines (CEL, OPA, or similar) Published or co‑authored security research (campaigns, vulnerabilities, adversary tracking) Large‑scale telemetry experience (Splunk, Kinesis, NetFlow, or equivalent) Contributor or maintainer on open‑source threat intel projects (MISP, OpenCTI, Sigma, STIX, ATT\&CK) Familiarity with quantitative risk frameworks such as FAIR Familiarity with Golang at a production level Benefits Specific to each country, we offer a competitive salary, stock options, health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more! The estimated total compensation range for this position is $140,000 - $150,000 (base plus bonus). Actual compensation for the position is based on a variety of factors, including, but not limited to affordability, skills, qualifications and experience, and may vary from the range. In addition to base salary, employees may also be eligible for annual performance‑based incentive compensation awards and equity, among other company benefits. Equal Employment Opportunity SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law. We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact View email address on click.appcast.io. Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. SecurityScorecard does not accept unsolicited resumes from employment agencies. Please note that we do not provide immigration sponsorship for this position. #LI-DNI #J-18808-Ljbffr Zoomcar

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Senior Research Engineer, Threat Intelligence in Washington DC vacancy
  • JPMorgan Chase is hiring for a senior technical role within CRAFT, focused on complex problem-solving in cyber threat analysis and intrusion detection. Candidates will engage in hands-on technical research and analysis to support operational response during high-priority... 
    Senior
    Intelligence

    JPMorganChase

    Washington DC
    1 day ago
  • $130k - $140k

    Amentum is seeking a Counter Threat Finance Analyst SME in Washington, DC, to support the Department of Defense in creating a certification program. Responsibilities include providing intelligence analysis for law enforcement, drafting reports and action plans, and collaborating... 
    Senior
    Intelligence

    Amentum

    Washington DC
    4 days ago
  • G-Force Solutions Inc, located in Arlington, Virginia, is seeking Intelligence and Operations Analysis Specialists. The role involves analyzing CI threats and developing comprehensive research studies. Qualified candidates will collaborate closely with stakeholders and... 
    Senior
    Intelligence

    G-Force Solutions Inc

    Arlington, VA
    4 days ago
  • Witt/Kieffer is seeking a Senior Cyber Threat Intelligence Analyst to analyze threats, collect intelligence, and produce reports. Candidates should have extensive experience in analyzing cyber threats and strong communication skills, with a preference for a Bachelor's... 
    Senior
    Intelligence
    Full time

    Witt/Kieffer

    Washington DC
    2 days ago
  • DEFTEC Corporation is hiring a Senior CBRN Analyst to provide critical support to the Department of Homeland Security. Located...  ...in chemical, biological, radiological, and nuclear threats to produce intelligence for senior decision-makers. The ideal candidate will have... 
    Senior
    Intelligence

    DEFTEC Corporation

    Washington DC
    3 days ago
  • A leading cybersecurity firm is seeking a Principal Threat Intelligence Researcher to deliver critical intelligence insights for clients. This remote role requires at least 7 years in the cyber threat intelligence field, exceptional analytical and communication skills,... 
    Senior
    Intelligence
    Remote work

    Palo Alto Networks

    Arlington, VA
    18 hours ago
  • Peraton is seeking a Mobile Threat Analyst based in Arlington, VA. The role involves conducting forensic examinations of mobile devices, analyzing mobile applications for threats, and assessing cybersecurity environments to bolster U.S. missions globally. Candidates should... 
    Senior
    Intelligence
    Full time

    Peraton

    Arlington, VA
    2 days ago
  • CoreWeave is seeking a Senior Threat Intelligence Specialist based in Washington, D.C. to lead geopolitical risk and supply chain intelligence efforts pivotal for global operations. You'll analyze geopolitical instability and produce actionable intelligence for key business... 
    Senior
    Intelligence

    CoreWeave

    Washington DC
    3 days ago
  • $140.5k - $210.5k

     ...assessments. The role demands a Bachelor's degree in a related field and 6-8 years of experience in cybersecurity. Key duties include threat intelligence analysis, incident response, and leading vulnerability management projects. The position is on-site in Washington and offers... 
    Senior
    Intelligence

    Federal Reserve System

    Washington DC
    1 day ago
  • Palo Alto Networks is seeking a threat intelligence analyst to provide actionable intelligence and analyze global datasets to track malicious cyber actors. The ideal candidate should possess experience with data analysis platforms and malware tools, and have strong communication... 
    Senior
    Intelligence
    Remote job

    Palo Alto Networks

    Washington DC
    1 day ago
  • A defense contractor is seeking a Senior All-Source Analyst (Production / Janus/Hard Target) to support USCYBERCOM J2 in the National Capital...  ...7+ years with a bachelor's degree, alongside knowledge in cyber threat analysis and the ability to work independently. The position... 
    Senior
    Intelligence
    For contractors

    Kinsley Power Systems

    Alexandria, VA
    1 day ago
  • $104k - $166k

    Peraton in Arlington, VA is seeking a Mobile Threat Analyst to conduct forensic examinations of mobile devices and analyze mobile applications for threats. The ideal candidate will have a Bachelor’s degree and relevant experience, possess cybersecurity certifications,... 
    Senior
    Intelligence

    Peraton

    Arlington, VA
    3 days ago
  • $145k - $152k

    PAE Government Services Inc. is looking for a professional to support counter-threat finance operations for U.S. and allied government agencies. The role includes coordinating intelligence analysis and enhancing strategic planning efforts. The ideal candidate will have... 
    Senior
    Intelligence

    PAE Government Services Inc.

    Washington DC
    1 day ago
  • $139.6k - $225.78k

    Palo Alto Networks, Inc. is seeking a remote role focused on providing timely intelligence to identify cyber threats. This position involves leveraging global datasets to track malicious actors and collaborating with a worldwide team of analysts to develop strategic threat... 
    Senior
    Intelligence
    Remote job
    Worldwide

    Palo Alto Networks, Inc.

    Washington DC
    18 hours ago
  • SOS International LLC in Washington, DC, is seeking a Cyber Intelligence Analyst III to oversee cyber threat intelligence activities. The role involves analyzing threats, supporting defense operations, and producing intelligence reports. Candidates should have at least... 
    Senior
    Intelligence
    Full time
    Casual work
    Remote work
    Worldwide

    SOS International LLC

    Washington DC
    4 days ago
  •  ...religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law. Senior Cyber Threat Intelligence Analyst Qualifications 10 years' experience in conducting in-depth analysis of cyber threats, including malware,... 
    Senior
    Intelligence
    Full time
    Part time
    Work at office

    Witt/Kieffer

    Washington DC
    2 days ago
  • $147.5k - $208.95k

    The Senior Manager, Investigations & Insider Threat leads the AV Security organization’s investigative function and insider threat risk management program...  ...’s degree in criminal justice, Security Studies, Intelligence, or related field (Master’s preferred). 8‑12+ years... 
    Senior
    Intelligence
    Permanent employment
    For contractors

    AeroVironment, Inc.

    Arlington, VA
    2 days ago
  • Revolutional is seeking a Cyber Intelligence Analyst III in Washington, DC. This role involves managing the cyber intelligence lifecycle...  ...clearance. You will work under pressure to brief findings to senior leadership, requiring deep experience in cybersecurity and intelligence... 
    Senior
    Intelligence

    Revolutional

    Washington DC
    18 hours ago
  • TRM Labs is seeking an All-Source Intelligence Analyst to spearhead investigations against scams. This role requires 5-8+ years of all-source investigative experience, legal process expertise, and the ability to operate in dynamic environments. You will collaborate with... 
    Senior
    Intelligence

    TRM Labs

    Washington DC
    2 days ago
  •  ...in Bethesda, MD, is looking for an All-Source Analyst to support USCYBERCOM's mission. The role involves analyzing multi-source intelligence, producing reports, and collaborating with various intelligence community counterparts. The ideal candidate should have at least... 
    Senior
    Intelligence

    Leidos

    Bethesda, MD
    1 day ago
  • UltraViolet Cyber, located in McLean, Virginia, is actively seeking a Cyber Threat Researcher (Level II) for its Threat Intelligence & Detection Engineering team. This role involves engaging in threat hunts and creating effective threat detections to protect clients from... 
    Senior
    Intelligence

    Uvcyber

    Mc Lean, VA
    4 days ago
  •  ...Twenty’s offensive cyber research program—setting the...  ...partner closely with engineering, product, and operations...  ...executives and senior government stakeholders...  ...teams, or nation-state threat research. You have...  ...experience with multi-source intelligence fusion or cross-domain... 
    Intelligence
    Full time
    Work at office
    Flexible hours

    Twenty

    Washington DC
    9 days ago
  • $132k

    A government contractor is seeking a mid- or senior-level All Source Analyst in Arlington, Virginia. This role supports the Army G-...  ...in a relevant field, with at least 10 years of experience in intelligence analysis. The role offers a salary range of $132,000 and includes... 
    Senior
    Intelligence
    For contractors

    Ballygar AI

    Arlington, VA
    1 day ago
  • Saic is hiring a Financial Intel Analyst in Arlington, VA. The role involves analyzing cryptocurrency and financial intelligence to support national security objectives. The successful candidate will produce actionable intelligence reports and collaborate with the intelligence... 
    Senior
    Intelligence

    Saic

    Arlington, VA
    18 days ago
  •  ...exceptionally skilled Offensive Cyber Research Engineer for an in-office position in its...  ...operations, advanced penetration testing, or threat intelligence analysis—to shape the technical...  ...sophisticated offensive security assessments ~ Senior-level Threat Hunting and threat... 
    Intelligence
    Full time
    Work at office
    Worldwide
    Flexible hours

    Twenty

    Washington DC
    9 days ago
  •  ...seeking a CTF Planner (Expert) in Washington, DC, to support U.S. national security efforts. You will be instrumental in coordinating intelligence analysis, planning operations, and integrating best practices in support of the Department of Defense's critical missions. This... 
    Senior
    Intelligence

    Amentum

    Washington DC
    3 days ago
  • $143k - $210k

     ...CRWV) in March 2025. Learn more at What You’ll Do As a Senior Threat Intelligence Specialist, you will lead geopolitical risk and supply chain...  .... This role will lead the collection, analysis, engineering, and operationalization of intelligence related to geopolitical... 
    Senior
    Intelligence
    Permanent employment
    Temporary work
    Work at office
    Flexible hours

    CoreWeave

    Washington DC
    3 days ago
  •  ...performing processing, triage, threat analysis, and response to...  ...., identifying cyber threat intelligence about suspicious processes,...  ...exploit-db, etc.). Experience researching and analyzing cyber threats...  ...and mission areas to inform senior leaders and drive priorities... 
    Senior
    Intelligence
    Currently hiring

    Peraton

    Arlington, VA
    18 hours ago
  • $3,000 per month

     ...Martin, Rotary Mission Systems Cyber & Intelligence invites you to step up to one of today’s...  ...cybersecurity experts on the forefront of threat protection and proactive prevention. In...  ...standards, confer with users or system engineers; analyze systems flow, data usage and work... 
    Senior
    Intelligence

    Lockheed Martin

    Hyattsville, MD
    18 hours ago
  •  ...A cybersecurity and intelligence firm in Arlington, VA is seeking a Cyber Eviction Analyst with strong qualifications in incident response...  .... This role involves serving as a subject matter expert in threat analysis, providing technical solutions, collaborating across... 
    Senior
    Intelligence

    Nightwing Group

    Arlington, VA
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Research Engineer, Threat Intelligence. Be the first to apply!