Principal Threat Researcher

At ExtraHop, we're on a mission to help organizations achieve complete visibility, real-time threat detection, and proactive security through cutting-edge network detection and response (NDR) technology. Our NDR product is a market leader, providing our customers with the ability to detect, investigate, and respond to threats faster than ever before.

We’re proud of the work we do and the recognition we’ve received, including our recent Gartner Peer Insights award, which reflects the trust and satisfaction our customers have in our solutions.

If you're passionate about innovation, dedicated to protecting digital infrastructures, and ready to make a real impact, we invite you to join our team and help us shape the future of cybersecurity.

Position Summary

We are seeking a highly skilled and motivated Senior or Principal Threat Researcher with a strong technical background in cybersecurity and previous experience in creating high-quality customer-facing content. This individual will play a key role in researching emerging cyber threats and developing content such as white papers, blog posts, webinars, and other marketing materials with ExtraHop’s marketing team. The ideal candidate will have a deep understanding of threat actors and cybersecurity trends, combined with the ability to effectively communicate complex technical findings.

As a Principal Threat Researcher, you will work independently and collaborate with Detection Engineers and Data Scientists to conduct threat research and the marketing team to develop compelling and informative content that showcases the team’s findings and positions the company as a thought leader in the industry. 

ExtraHop R&D supports fully-flexible work options that include full-time onsite, hybrid, and fully remote working arrangements. Except for a few roles that require physical access, we believe in supporting you in making the choice that works best for you and makes the team successful. 

Key Responsibilities

• Threat research and analysis:
• Conduct in-depth research on emerging network security threats, threat actors, vulnerabilities, and malware campaigns.
• Reproduce and simulate attack techniques in lab environments to understand their network signatures and to ensure thorough detection coverage. 
• Continuously monitor threat intelligence sources to stay on top of emerging threats and trends.
• Present findings and work results to other internal teams.
• Content creation:
• Develop high-quality, customer-facing content based on threat research, including white papers, blog posts, and case studies.
• Create and deliver engaging webinars, video content, and presentations to communicate research findings to both technical and non-technical audiences.
• Work closely with the marketing team to craft messages that align with the company’s brand and objectives.
• Mentorship:
• Mentor and coach other Threat Researchers regarding writing and content creation. 

Required Qualifications

• 8+ years of experience in threat research or threat intelligence
• Experience is producing public-facing written content, including white papers, blog posts, newsletters, and/or video content, such as webinars
• In-depth knowledge of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7
• Experience in detecting and reproducing network attacks, such as vulnerability exploitation, system discovery, and lateral movement techniques
• In-depth knowledge of the latest cyber threats, threat actors, and attack techniques
• Experience with security tools such as Wireshark, TShark, tcpdump, Suricata, or other packet capture/analysis tools

Preferred Qualifications

• In-depth knowledge of Windows protocols and attack techniques
• Experience working with cross-functional teams, including marketing and sales
• Proficient in at least one scripting or programming language (e.g., Python, JavaScript, Golang, YAML/TOML, etc.)
• Familiarity with software development tools such as: gitlab, github

The salary range for this position is 160,000 - 190,000 base + bonus + benefits

ABOUT EXTRAHOP 

ExtraHop is the cybersecurity partner enterprises trust to reveal the unknown and unmask the attack. We’re on a mission to protect and propagate trust by revealing the cybertruth, and we partner with every customer, every day, to uncover it. Our Reveal(x) 360 platform is the only network detection and response solution delivering the 360-degree visibility needed to see everything on the network. When organizations have full network transparency with ExtraHop, they can see more, know more, and stop more cyberattacks.

ExtraHop is recognized by leading organizations for both its innovation in the market and its commitment to building a world-class team. We’ve been recognized as a “Customer’s Choice” by Gartner Peer Insights™ Voice of the Customer, and as a Leader in the Forrester Wave®: Network Analysis and Visibility, Q2 2023. ExtraHop has won AI Breakthrough Awards four times (2018-2020, 2023) and our Channel Partner program has received a 5-star rating from CRN for our 2023 Partner Program Guide. Our flagship product, Reveal(x), has received numerous accolades, including a 2022 Edison Award for Cybersecurity. 

Employees' wellbeing is top of mind for the ExtraHop team. Employees and their families will have the option to participate in the following benefits:

• Health, Dental, and Vision Benefits
• Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time
• Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan
• FSA and Dependent Care Accounts + EAP, where applicable
• Educational Reimbursement
• 401k with Employer Match or Pension where applicable
• Pet Insurance (US Only)
• Parental Leave (US Only)
• Hybrid and Remote Work Model

*Candidates should note that the Company may modify reporting relationships, job titles and compensation, including commissions and benefits, from time to time at its sole discretion, as it deems necessary, with or without prior notice.

We are intentional about our culture, diversity, and inclusion, and we welcome everyone to come ready to participate in contributing to this truly unique environment. At ExtraHop, we believe that the best products, services, and companies are built by strong teams that include a diversity of backgrounds, perspectives, ideas, and experiences. We are committed to supporting and enabling growth and opportunity for every employee at every level. This is the foundation of our success. 

We are equally committed to equal employment opportunity, and it is foundational to how we recruit and hire our talented team. Employment is determined based upon capabilities and qualifications without discrimination on the basis of race, color, religion, sex, gender identification and expression, marital status, military status, pregnancy (including but not limited to potential pregnancy and pregnancy-related conditions), sexual orientation, age , national origin, ancestry, citizenship or immigration status, disability ,, genetic information, or any other protected class as established by law.

Our people are our most important competitive advantage, leading the charge cyber criminals and insider threats.

Ready to join us?   #Extrahop #Security #NDR #informationsecurity #cybersecurity #cloudsecurity #infosec #LI-Remote