Principal Threat Research Engineer

With 1,000 intelligence professionals, over $300M in sales, and serving over 1,900 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

Principal Threat Research Engineer, Attack Surface Intelligence

With 1,000 intelligence professionals, over $300M in sales, and serving over 1,800 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

We are seeking an experienced Senior Detection Engineer to assist in the research and authorship of our technology detection capabilities.  Your primary responsibility will be to take ownership of how the Attack Surface Intelligence (ASI) product can remotely assess customer environments for technologies, vulnerabilities, and misconfigurations of interest in a timely and accurate fashion.

What you will be doing:

• Signature Development:  Author detections for vulnerabilities, misconfigurations, and technology detections using a variety of means (YAML signatures, NMAP probes, banner grabs, etc.)
• Data-Driven Intelligence: Develop a mechanism of using Recorded Future intelligence sources to align signature development priorities to customer intelligence requirements
• Vulnerability Intelligence: Build and leverage a collection of sources for maintaining visibility of upcoming vulnerabilities.
• Detection Lifecycle: Own the lifecycle of detection development within ASI, including research, authorship, deployment, and reporting around deployed detections.
• Quality Assurance: Collaborate with support and engineering teams to verify false positives and false negatives, serving as a subject matter expert for detections and their implications within customer environments.
• Internal Tool Development: Collaborate in developing and enhancing internal tooling (primarily Python, adjacent teams using Go).
• Collaboration: Work closely with other engineers and the Insikt group to establish pipelines for sharing signatures and tradecraft.
• AI-Driven Solutions: Explore and implement AI-driven solutions for content summary, classification, enrichment, and generation to enhance detection capabilities.

What you will need:

• At least 6 years of experience in developing detections with an ability to manage high-volume/low-touch vulnerabilities vs. ones that require more analysis.
• Experience in building and owning internal tooling in Python.
• A strong understanding of network protocols and detection methodologies.
• Experience with vulnerability scanning tools and methodologies.
• Self-motivated and curious, with high initiative to own a problem and propose a way forward with a data-driven mindset.
• Strong communications and the ability to work collaboratively with coworkers across different timezones, cultures, and levels of expertise.

Preferred Qualifications : 

• Experience in coordinating or publishing vulnerability research artifacts, or working closely with teams who do
• Familiarity with AI/ML applications in cybersecurity in an operational environment
• Experience conducting reverse engineering or malware analysis
• Any familiarity with enterprise security products related to Recorded Future’s offerings

Why should you join Recorded Future?
Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.8-star user rating from Gartner and more than 45 of the Fortune 100 companies as clients.

Want more info? 
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Linkedin, Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles.  By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.

If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at careers@recordedfuture.com 

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.

Recorded Future does not administer a lie detector test as a condition of employment or continued employment. This is in compliance with the law of the Commonwealth of Massachusetts, and in alignment with our hiring practices across all jurisdictions.

Notice to Agency and Search Firm Representatives:
Recorded Future will not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to Recorded Future, including those sent to our employees or through our website, will become the property of Recorded Future. Recorded Future will not be liable for any fees related to unsolicited resumes.

Agencies must have a valid written agreement in place with Recorded Future's recruitment team and must receive written authorization before submitting resumes. Submissions made without such agreements and authorization will not be accepted and no fees will be paid.