Security Researcher

Security San Francisco Full-time

We are hiring a Security Researcher to join our threat intelligence team in San Francisco. You will conduct deep research into emerging attack techniques, develop proof-of-concept exploits, and contribute to the threat intelligence feeds that power our detection engine.

Your research will directly inform how we protect our customers. You will reverse-engineer malware, analyze attacker infrastructure, track threat actor campaigns, and publish your findings both internally and to the broader security community. You will work closely with our detection engineering team to ensure research translates into actionable protection.

This role is ideal for someone who thrives on technical depth and wants their research to have immediate, real-world impact. We provide access to cutting-edge analysis tools, malware sandboxes, and a network of industry contacts that will accelerate your research.

Responsibilities
  • Conduct in-depth analysis of emerging malware families and attack campaigns
  • Develop proof-of-concept exploits to validate vulnerability severity and impact
  • Produce actionable threat intelligence reports for internal teams and customers
  • Maintain and expand coverage of threat actor TTPs in our intelligence database
  • Collaborate with detection engineers to create signatures and behavioral rules
  • Represent Cyberix at security conferences and contribute to the research community
Requirements
  • 3+ years of experience in threat research, malware analysis, or vulnerability research
  • Proficiency in reverse engineering tools (IDA Pro, Ghidra, x64dbg)
  • Strong understanding of Windows and Linux internals and common exploitation techniques
  • Experience with network traffic analysis and protocol dissection
  • Ability to write clear, detailed technical reports for both technical and executive audiences
  • Familiarity with the MITRE ATT&CK framework and threat intelligence standards (STIX/TAXII)
Nice to Have
  • Published CVEs or security advisories
  • Presentations at major security conferences (Black Hat, DEF CON, REcon)
  • Experience with automated malware analysis sandboxes and YARA rule development
  • Background in APT tracking or nation-state threat intelligence
What We Offer
Comprehensive health, dental & vision
Competitive equity package
$5K annual learning budget
$2K remote setup stipend
Generous PTO & flexible schedule
Annual team offsites

Interested in this role?

Send us your resume and a brief note about why you are excited about this position. We review every application and respond within five business days.