Threat Researcher (Cybersecurity)

TL;DR

Threat Researcher (Cybersecurity): Analyzing software supply chain threats and building automated detection tools with an accent on malware analysis, reverse engineering, and threat hunting. Focus on tracking APT adversaries, publishing high-impact research, and integrating insights into the core security product.

Location: Remote (United States)

Salary: $126,000 – $170,000

Company

hirify.global helps developers and security teams ship faster by providing tools to safely find, audit, and manage open source code.

What you will do

• Analyze daily threats to maintain industry benchmarks for supply chain security.
• Author technical blog posts and deep-dive research on malicious campaigns and ecosystem trends.
• Design and build automated scripts to streamline malware analysis and threat hunting workflows.
• Partner with engineering to integrate research findings into the core product for real-time protection.
• Monitor package registries and browser extensions for emerging malicious campaigns.
• Track APT adversaries and characterize their TTPs, infrastructure, and capabilities.

Requirements

• 3+ years of professional experience in security operations or a related field.
• Technical expertise in malware analysis, reverse engineering, and incident response.
• Proven experience building tools for automation and data collection.
• Strong communication skills for assessing threat impact and authoring research.
• Passion for open source software and code security.

Nice to have

• Familiarity with TypeScript or JavaScript ecosystems.
• Experience leveraging LLMs or AI-based tools for threat detection.

Culture & Benefits

• Comprehensive health benefits with 99% coverage for you and your family.
• Flexible time-off policy, including holidays and a winter shutdown.
• Meaningful equity program.
• Paid parental leave.
• Remote-first environment with quarterly team off-sites.