Threat Intelligence Researcher (Cloud)

Description

• Join Wiz, the fastest-growing startup ever, and be at the forefront of reinventing cloud security. We are on a mission to empower businesses to thrive in the cloud by securing their environments, enabling them to accelerate their growth. Trusted by security teams worldwide, Wiz has a proven track record of success and fosters a culture that values world-class talent.
• As a Threat Intelligence Researcher specializing in Cloud environments, you will play a pivotal role within our Threat Research team. Your primary responsibility will be to track, analyze, and report on the most sophisticated and advanced threats targeting cloud ecosystems, contributing directly to the protection of our customers.
• You will be instrumental in identifying, analyzing, and tracking advanced state-backed and financially motivated threat actors who specifically target cloud infrastructure and services. This involves deep dives into their tactics, techniques, and procedures (TTPs) to understand their methodologies and predict their future actions.
• A key aspect of this role is proactive threat hunting. You will meticulously hunt through a wide array of data sources, both open-source intelligence (OSINT) and proprietary telemetry, to uncover and identify malicious campaigns that pose a risk to Wiz customers.
• You will leverage a combination of open and closed data sources to meticulously track the infrastructure, tools, and malware employed by these advanced threat actors. This requires a keen eye for detail and the ability to connect disparate pieces of information into a coherent threat picture.
• A significant part of your contribution will involve investigating and attributing incidents, ongoing campaigns, and specific threat actors. The goal is to gain a profound understanding of the attackers, their motivations, their operational capabilities, and their ultimate objectives.
• You will be responsible for communicating your novel findings and critical insights to a diverse range of audiences. This includes internal teams, Wiz customers who rely on our security posture, and the broader public through reports and potential publications.
• This role demands the ability to discover novel and durable methods for identifying and tracking threat actors across multiple, often complex, data sets. You will need to think creatively to overcome attribution challenges and develop persistent tracking strategies.
• You will work extensively with large-scale telemetry data, focusing on infrastructure hunting. This involves utilizing query languages and scripting to pivot through vast amounts of data, uncovering hidden patterns and malicious activities.
• Familiarity with malware analysis techniques is essential. You will be expected to use tools like YARA to hunt for known and unknown malware variants, contributing to our detection and prevention capabilities.
• We encourage a proactive and adaptable mindset. You will be expected to take on multiple roles and responsibilities as needed to build out comprehensive actor tracking capabilities and contribute to the overall strength of the Threat Research team.
• The ideal candidate will possess a strong understanding of major cloud providers such as AWS, GCP, and Azure, as well as familiarity with Kubernetes and modern cloud-native architectures. This knowledge is crucial for understanding the attack surface and the specific threats targeting these environments.
• Experience in building tools or automating processes to exploit data sources in a repeatable and scalable manner will be highly valued, enabling more efficient and effective threat research.
• A proven track record of public communication of novel and newsworthy findings, such as through blog posts, conference presentations, or security advisories, is a significant advantage.
• A background in incident response, dedicated threat intelligence roles, or proactive threat hunting will provide a strong foundation for success in this position.
• You will be joining a dynamic and rapidly growing company that is defining the future of cloud security. Your work will directly impact the security posture of hundreds of customers, including over 50% of the Fortune 100, who trust Wiz to secure billions of files daily.
• This is an opportunity to make a significant impact in a massive and growing market. At Wiz, you'll have the freedom to think creatively, dream big, and utilize your full range of skills to contribute to our record-breaking growth.
• Help us create secure cloud environments that allow the world's leading companies to move faster and innovate with confidence. Become a key part of our mission to make the cloud a safer place for businesses everywhere.

Requirements

• 5+ years of experience in security or threat research, with a proven track record of tracking sophisticated threat actors.
• Ability to find novel and durable ways of identifying and tracking threat actors across multiple data sets.
• Experience working with large-scale telemetry, especially infrastructure hunting and by pivoting through query languages and scripting.
• Familiarity with malware analysis and using YARA to hunt for malware.
• Knowledge of the major cloud and identity providers (AWS, GCP, Azure), Kubernetes, and modern cloud-native architectures.
• Track record of public communication of novel and newsworthy findings.

️ Benefits

• Medical, dental, and vision insurance
• Home Office Setup reimbursement
• Flexible Spending Accounts
• Monthly Connectivity reimbursement
• Employee Assistance Program (EAP)
• Short- and Long-term Disability Insurance
• Life & Accident Insurance
• 401(k) Retirement Savings Plan (with employer match)
• Flexible paid time off + 11 paid holidays
• Paid leave programs, including parental, pregnancy health, medical and bereavement leave

Apply tot his job Apply To this Job