ThreatOps macOS Researcher - Huntress Raleigh, North Carolina, United States Bookmark Share Print 39 0 0

Listing Description

Reports to: Director of ThreatOps Research & Development


Location: Remote, US


Compensation Range: $120,000 to $180,000 base plus bonus and equity


What We Do:


Founded in 2015 by former NSA cyber operators, Huntress was built on a simple premise: to force hackers to earn every inch of their access.


Today’s cyber-attacks aren’t limited to large organizations with the security tools that can ward off threats. Hackers don't discriminate and will find a way to penetrate any vulnerability in any size business.  Huntress enables IT providers and resellers to stop hidden threats that sneak past preventive security tools.


Through a combination of expert human threat hunters, a comprehensive platform, and a desire to make the world a safer place, we’re working to deliver cybersecurity to the 99%—those small to midsize businesses that make up the backbone of our economy. 


Join the hunt and help us stop hackers in their tracks!


About the Role:


The Huntress ThreatOps team has the unique honor to wake up every morning knowing we’re going to make hackers regret targeting our partners and customers. As a ThreatOps macOS Researcher, we’re looking for someone who wants to pour all of their creativity into building and implementing simple solutions which are disproportionately effective at countering these constantly evolving threats. Competitive candidates have experience developing, experimenting, reverse engineering, and collaborating with diverse cybersecurity teams who are offense-minded and passionate about using under-leveraged OS functionality to prevent and detect new hacker tradecraft. Familiarity with product management, incident response, host-based threat hunting, malware analysis, configuration management and antivirus technologies are additional ways to differentiate yourself.


As you can imagine, success doesn’t happen in a vacuum. An effective researcher fosters highly collaborative environments between the Product, Marketing and Threat Operation Center teams to accelerate our mission and secure the 99% of businesses who fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision which ultimately delivers our most impactful features and capabilities.


We defend over 1.3M endpoints across 33,000+ mid-sized and small business customers and that number continues to grow each month. Considering this market’s tighter budget, it’s not financially possible to dedicate human analysts to each client. The R&D team addresses this challenge head-on by building and scaling highly automated efficiencies—often lightly augmented by our Threat Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.


Responsibilities: 



  • Identify relevant macOS specific artifacts as well as prototype ways to parse and present these artifacts

  • Lead research and development initiatives to further threat detection and endpoint security posture 

  • Identity and prototype telemetry data that can be leveraged within Huntress to expand current prevention, hardening, and detection capabilities

  • Collaborate with our ThreatOps Analysts to identify threat patterns and develop automated solutions for analysis, classification, and categorization of data

  • Oversee the operational requirements of endpoint data collection, processing, and analysis

  • Perform analysis and reverse engineering of macOS malware to determine its characteristics and capabilities 

  • Coordinate with Product and Engineering teams to integrate and operationalize solutions developed by the research team 

  • Promote Huntress’ reputation through media interaction, public speaking, and blogs


What You Bring To The Team:  



  • Development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang and Python preferred

  • Knowledge of macOS languages, such as Objective-C and Applescript a plus

  • In-depth knowledge of macOS subsystems and how they interact both at the user and kernel level preferred

  • In-depth knowledge of macOS forensic artifacts, their relevance, how they manifest, and how to parse them

  • Proficiency with IDA Pro, Binary Ninja, Ghidra, or equivalent disassembler a plus

  • Understanding of cyber security, threat actors, and end-to-end threat life cycle including one or more of the following: digital forensics, malware research, incident response, vulnerabilities and exploits


What We Offer:



  • 100% remote work environment - since our founding in 2015

  • Generous paid time off policy including vacation, sick time, and paid holidays

  • 12 weeks paid parental leave

  • Highly competitive and comprehensive medical, dental, and vision benefits plans 

  • 401(k) with 5% contribution regardless of employee contribution

  • Life and Disability insurance plans

  • Stock options for all full-time employees 

  • One-time $500 stipend to build/upgrade home office

  • Annual allowance for education and professional development assistance 

  • $75 USD/month digital reimbursement


Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to show up to work every day as their full self. 


We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status or any other legally protected status. 


We do discriminate against hackers who try to exploit small businesses.


Accommodations:


If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com. Please note non-accommodation requests to this inbox will not receive a response. 


#BI-Remote 


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765