Threat Intelligence Researcher - CTI (Cybersecurity)
Job description
TL;DR
Threat Intelligence Researcher - CTI (Cybersecurity): Execute the CTI research roadmap across attribution, infrastructure prediction, EASM, and the STIX/OpenCTI knowledge base, with an emphasis on graph-pivoting, attribution heuristics, temporal/link models, and high-signal EASM detectors. Focus on normalizing and enriching intel into STIX 2.1, shipping detectors/models with AI teams, curating datasets, and evaluating KPIs for improved signal-to-noise.
Location: Tel Aviv
Company
redefines cyber defense with an AI-powered platform combining human expertise to protect nations and critical infrastructure using proprietary Cyber Language Models.
What you will do
- Execute CTI research roadmap covering attribution, infra prediction, EASM, and STIX knowledge base.
- Design and implement graph-pivoting, attribution heuristics, and temporal/link models.
- Build high-signal EASM detectors with passive discovery, safe active probing, and reproducible evidence capture.
- Normalize, enrich, and deduplicate intel into STIX 2.1 aligned to ontology; maintain TAXII/OpenCTI/MISP connectors.
- Ship detectors, models, and enrichment services with AI/Platform teams, including tests, docs, and runbooks.
- Curate datasets, define ground truth, evaluate KPIs, produce watchlists, briefs, and early-warning hypotheses.
Requirements
- 4-7+ years in CTI/EASM/offensive research or adversary-infra analysis.
- Expertise in DNS, BGP/ASNs, TLS/PKI & CT logs, hosting/CDN/cloud patterns, domain lifecycle, phishing ecosystems.
- Experience with communities/embeddings/clustering, temporal/link modeling, passive discovery, safe active probing.
- Proficiency in STIX 2.1, ATT&CK, TAXII; OpenCTI/MISP advantage; ontology alignment.
- Python (pandas, notebooks, scikit-learn, networkx/igraph); Neo4j/Elasticsearch; Kafka/SQS/Redis; Docker/Kubernetes.
- Analytical writing, collaborative Git workflow, documentation rigor; prompting/tool-use for extraction.
Culture & Benefits
- Passionate team driven by expertise and innovation tackling real-world cyber challenges.
- Opportunity to build a next-gen CTI platform and make the digital world safer.
- Open to candidates eager to grow even if not a perfect match.