Director, Threat Research - Advanced Reversing, Malware, Operations and Reconnaissance

With 1,000 employees, over $250M in sales, 1,500+ clients, and rapid year-over-year growth, Recorded Future is the world’s most advanced, and largest, intelligence company!

Director, Threat Research - Advanced Reversing, Malware, Operations and Reconnaissance 

ARMOR, Insikt Group, Recorded Future

Washington, D.C. / Boston, MA / UK / 

This Role: 

Recorded Future's Insikt Group is seeking an experienced leader for our malware reversing and detections team. This is an established, distributed team of experienced threat intelligence analysts and researchers comprising two sub-teams - new and emerging threats and our reversing team, which are led by established managers. These teams contribute to the Recorded Future Platform with up-to-date hunting packages, YARA, and Sigma rules, support our Analyst on Demand service, partner with our state-sponsored and cyber crime teams for technical support analyzing TTPs, surface and analyze new and emerging threats, and contribute to strategic research initiatives.

What You’ll Do: 

• Manage a staff of managers, intelligence analysts, and researchers distributed globally producing current (daily), strategic, and client requested finished intelligence; these can be quick turnarounds and compete with other priorities.
• Provide feedback and guidance on product sourcing, collection, data analytics, and module improvements applicable to the team and client use cases.
• Partner closely with internal Recorded Future departments: Product Management, Engineering, Data Science, Intelligence Services, Sales and Marketing.
• Ensure team output adheres to best practices, maintaining the highest quality. 
• Provide guidance, strategy and leadership to internal and external stakeholders in areas involving cyber defense, blue teaming and network defense.
• Represent Recorded Future at conferences, webinars, and engage with our clients through our Community outreach.

What You’ll Bring (Required):

• Demonstrative understanding of malware analysis and emerging threats in the context  of cyber security, pivoting, network defense, and business risk.
• Proven success as a leader with experience developing and mentoring managers to deliver results; ability to deliver day-to-day and maintain focus on long term growth and results.

Experience developing intelligence requirements; establishing strategic plans and objectives.

• Exemplary organizational and interpersonal skills that allow you to respond to shifting priorities, work calmly under pressure, resolve conflict, and facilitate creative problem solving.
• Passion for working with people, service to others, and continual product and outcome improvement. Adept at managing up, down and across.
• Talent for working directly with customers to determine requirements and consultatively guiding them to the “best fit” solution
• Excellent written and verbal communication; ability to convey complex technical and non-technical concepts
• Experience with Windows, iOS, Android, MacOS or malware analysis

Highly Desirable Skills/Experience (not required):

• MA/MS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field
• BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field
• 8+ years of experience in Information Security and/or Threat Intelligence
• Demonstrable experience conducting technical threat analysis and research
• Demonstrable experience with structured analytical techniques, the intelligence cycle, and intelligence writing techniques and methodologies
• Scripting capabilities in Python (preferred), Go, C, C++, or Java
• Experience writing network and endpoint signature detections using Sigma, SNORT and YARA
• Familiarity with platforms such as MISP, Maltego, the ELK stack, and AWS OpenSearch
• Knowledge of TCP/IP and other networking protocols and datasets relevant to intrusion and network infrastructure analysis

Why should you join Recorded Future?Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.8-star user rating from Gartner and 8 of the top 10 Fortune 100 companies as clients.

Want more info? Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligenceInstagram & Twitter: What’s happening at Recorded FutureThe Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing fieldTimeline: History of Recorded FutureRecognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles.  By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at [email protected] 

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.