Principal Security Researcher, SIEM

Reports to: Senior Manager, Product Research

Location: Remote US

Compensation Range: $180,000 to $200,000 base plus bonus and equity  

What We Do: 

Founded in 2015 as a fully remote company by former NSA cyber operators, Huntress was built on a simple premise: to force hackers to earn every inch of their access. 

Today’s cyber-attacks aren’t limited to large organizations with the security tools that can ward off threats. Hackers don't discriminate and will find a way to penetrate any vulnerability in any size business, which is why Huntress focuses on protecting those small to midsize businesses that make up the backbone of our economy.

Huntress stops hidden threats that sneak past preventive security tools by utilizing our award-winning security platform and expert human threat hunters through dynamic products, including Managed EDR, MDR for Microsoft 365, and Managed Security Awareness Training.

Join the hunt and help us stop hackers in their tracks!

What You’ll Do: 

Do you like getting into the weeds on all things technical, psychological, and educational and have a desire to know how things work? Then this is the position for you. We are looking for that jack of all trades who brings broad experience to each challenge presented. The Huntress Security team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. As a Security Product Researcher, we’re looking for someone who wants to pour all of their creativity into building and implementing simple solutions that are disproportionately effective at countering these constantly evolving threats. Competitive candidates have experience managing, deploying, and securing SMB environments utilizing a wide variety of security software, best practices, and automation tools. Familiarity with product management, incident response, social engineering, psychology, education, and managed service provider tools are additional ways to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective Security Researcher fosters highly collaborative environments between the Product, Engineering, and Security teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision that ultimately delivers our most impactful features and capabilities.

We defend over 2.5M endpoints across 33,000+ mid-sized and small business customers, and that number continues to grow each month. Considering this market’s tighter budget, it’s not financially possible to dedicate human analysts to each client. The Security Operations team addresses this challenge head-on by building and scaling highly automated efficiencies—often lightly augmented by our SOC — that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:  

• Define the value of a log. Not all log sources have equal security value, and not all logs from a single source hold the same value. You will lead the processing strategy for our SIEM product to extract maximum security value from the narrowest set of logs
• Lead the security Capabilities we bring to market, owning the layered defense strategy gained by combining multiple log sources
• Ensure our SIEM is usable; you build capability & feature use cases that integrate needs from SOC analysts and IR firms who will use this product daily
• Ensure our SIEM’s alerts are highly accurate and accepted by customers. We strive for 99% accuracy for critical alerts
• Own & nurture the cross-department relationships critical to successful product delivery & launch
• Proven organizational and program management skills, with a keen attention to detail and a sense of urgency to deliver an exceptional product under tight deadline pressures
• Eagerness to engage, report, and be accountable to executive stakeholders
• Passion to translate your expertise in nontechnical ways to deliver impactful security outcomes that protect the 99%
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Educate the public on how to be security savvy in novel and fun ways

What You Bring To The Team: 

• Expert in various log types, especially windows event logs + how they correlate to attacker tradecraft
• Proven track record building, deploying, and maturing SIEM technology (vendor agnostic, preferred)
• Experience working in a SOC
• Expert in building a metrics-driven tuning program
• Expert in coverage gap analysis
• Expert in detection tuning
• Expert at translating current trends in cyber security for both technical and non-technical audiences
• Expert at translating MITRE TTPs to Customer value propositions
• Expert at researching emerging tradecraft 

What We Offer: 

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans 
• 401(k) with 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees 
• One-time $500 reimbursement to build/upgrade home office
• Annual allowance for education and professional development assistance 
• $75 USD/month digital reimbursement
• Access to both Udemy and BetterUp platforms for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice and is empowered to come to work every day just as they are. 

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.  

We do discriminate against hackers who try to exploit small businesses. 

Accommodations: 

If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or participating in the employee selection process, please direct your inquiries to [email protected]. Please note that non-accommodation requests to this inbox will not receive a response. 

If you have questions about your personal data privacy at Huntress, please visit our privacy page.

#BI-Remote