Director, Insikt - Advanced Reversing, Malware, Operations and Reconnaissance

ARMOR, Insikt Group, Recorded Future

Washington, D.C. / Boston, MA / UK / 

This Role: 

Recorded Future's Insikt Group is seeking an experienced leader for our malware reversing and detections team. This is an established, distributed team of experienced threat intelligence analysts and researchers comprising two sub-teams - new and emerging threats and our reversing team, which are led by established managers. These teams contribute to the Recorded Future Platform with up-to-date hunting packages, YARA, and Sigma rules, support our Analyst on Demand service, partner with our state-sponsored and cyber crime teams for technical support analyzing TTPs, surface and analyze new and emerging threats, and contribute to strategic research initiatives.

What You’ll Do: 

• Manage a staff of managers, intelligence analysts, and researchers distributed globally producing current (daily), strategic, and client requested finished intelligence; these can be quick turnarounds and compete with other priorities.
• Provide feedback and guidance on product sourcing, collection, data analytics, and module improvements applicable to the team and client use cases.
• Partner closely with internal Recorded Future departments: Product Management, Engineering, Data Science, Intelligence Services, Sales and Marketing.
• Ensure team output adheres to best practices, maintaining the highest quality. 
• Provide guidance, strategy and leadership to internal and external stakeholders in areas involving cyber defense, blue teaming and network defense.
• Represent Recorded Future at conferences, webinars, and engage with our clients through our Community outreach.

What You’ll Bring (Required):

• Demonstrative understanding of malware analysis and emerging threats in the context  of cyber security, pivoting, network defense, and business risk.
• Proven success as a leader with experience developing and mentoring managers to deliver results; ability to deliver day-to-day and maintain focus on long term growth and results.

Experience developing intelligence requirements; establishing strategic plans and objectives.

• Exemplary organizational and interpersonal skills that allow you to respond to shifting priorities, work calmly under pressure, resolve conflict, and facilitate creative problem solving.
• Passion for working with people, service to others, and continual product and outcome improvement. Adept at managing up, down and across.
• Talent for working directly with customers to determine requirements and consultatively guiding them to the “best fit” solution
• Excellent written and verbal communication; ability to convey complex technical and non-technical concepts
• Experience with Windows, iOS, Android, MacOS or malware analysis

Highly Desirable Skills/Experience (not required):

• MA/MS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field
• BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field
• 8+ years of experience in Information Security and/or Threat Intelligence
• Demonstrable experience conducting technical threat analysis and research
• Demonstrable experience with structured analytical techniques, the intelligence cycle, and intelligence writing techniques and methodologies
• Scripting capabilities in Python (preferred), Go, C, C++, or Java
• Experience writing network and endpoint signature detections using Sigma, SNORT and YARA
• Familiarity with platforms such as MISP, Maltego, the ELK stack, and AWS OpenSearch
• Knowledge of TCP/IP and other networking protocols and datasets relevant to intrusion and network infrastructure analysis