Staff Threat Research Engineer
Job description
TL;DR
Staff Threat Research Engineer (Cybersecurity): conducts applied and original threat research, turning intelligence, telemetry, and investigation findings into actionable detection logic for the SIEM. Focus areas include malware analysis, infrastructure tracking, and honeypot operations aimed at discovering new attacker behaviors.
Location: Remote, USA
Salary: $162,000 - $190,000
Company
helps make the digital world secure, fast, and reliable by unifying critical security and operational data through its Intelligent Operations Platform.
What you will do
- Conduct and lead both applied and original threat research, transforming intelligence, telemetry, and investigation into actionable detection logic for the SIEM.
- Collaborate closely within Threat Labs to design, build, and refine detection content and validation pipelines that raise the bar for product and customer detection quality.
- Drive innovation in detection methodologies through research activities such as malware analysis, infrastructure tracking, or honeypot operations in order to discover new attacker behaviors.
- Publish and share findings that help customers maximize SIEM outcomes.
- Contribute to Threat Labs’ long‑term vision of a research‑driven, continuously evolving detection ecosystem built on practitioner insight and technical depth.
Requirements
- 12+ years of cybersecurity experience combining senior/principal SOC analyst, threat hunter, or purple team practitioner roles with incident responder or detection engineer roles.
- Demonstrated ability to progress threat research into actionable detections and incident response outcomes.
- Experience conducting original or self‑directed threat research that resulted in novel findings.
- Broad knowledge of multiple technology stacks and a strong curiosity to learn new platforms.
- Deep experience with more than one major public cloud (AWS, Azure, GCP) and familiarity with analyzing cloud‑native logs and telemetry.
- Understanding of emerging attack techniques targeting AI infrastructure and machine learning pipelines, and familiarity with frameworks such as MITRE ATLAS.
- Must be authorized to work in the United States at time of hire and for duration of employment. At this time, we are not able to offer nonimmigrant visa sponsorship for this position.
Nice to have
- Prior experience in customer-facing technical roles (consulting, remote support, or advisory).
- Hands‑on familiarity with offensive security tools (Atomic Red Team, Sliver, Cobalt Strike, etc.).
- Scripting or automation capability (Python, PowerShell, etc.).
- Experience with Security Orchestration, Automation, and Response (SOAR) technology.
- Recognized presence or active participation in the security community (e.g., X/Twitter, conferences, open source).
- Experience applying AI or machine learning techniques to improve operational efficiency and automation across the detection rule development lifecycle — from research and validation to deployment and tuning.
Culture & Benefits
- Empower digital teams to move from reaction to readiness by combining agentic AI-powered SIEM and log analytics into a single platform to detect, investigate, and resolve modern security challenges.