Threat Operations Tech Researcher

Reports to: Researcher Tech Lead

Location: Remote

Compensation Range:  $113,000 to $145,000 base plus bonus and equity

What We Do:

Founded in 2015 by former NSA cyber operators, Huntress was built on a simple premise: to force hackers to earn every inch of their access. 

Today’s cyber-attacks aren’t limited to large organizations with the security tools that can ward off threats. Hackers don't discriminate and will find a way to penetrate any vulnerability in any size business.  

Huntress enables IT providers and resellers to stop hidden threats that sneak past preventive security tools. 

Through a combination of expert human threat hunters, a comprehensive platform, and a desire to make the world a safer place, we’re working to deliver cybersecurity to the 99%—those small to midsize businesses that make up the backbone of our economy.  

Join the hunt and help us stop hackers in their tracks!

What You’ll Do: 

Do you like getting into the weeds on all things technical and have a desire to know how things really work? If so, then this is the position for you. We are looking for that jack of all trades that brings broad experience to each challenge presented. The Huntress ThreatOps team has the unique honor to wake up every morning knowing we’re going to make hackers regret targeting our partners and customers. As a ThreatOps Tech Researcher, we’re looking for someone who wants to pour all of their creativity into building and implementing simple solutions which are disproportionately effective at countering these constantly evolving threats. Competitive candidates have experience managing, deploying, and securing SMB environments utilizing a wide variety of security software, best-practices, and automation tools. Familiarity with product management, incident response, host-based threat hunting, malware analysis, configuration management, antivirus technologies, and managed service provider tools are additional ways to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective Tech Researcher fosters highly collaborative environments between the Product, Engineering, and Threat Operations teams to accelerate our mission and secure the 99% of businesses who fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision which ultimately delivers our most impactful features and capabilities.

We defend over 1.5M endpoints across 33,000+ mid-sized and small business customers and that number continues to grow each month. Considering this market’s tighter budget, it’s not financially possible to dedicate human analysts to each client. The R&D team addresses this challenge head-on by building and scaling highly automated efficiencies—often lightly augmented by our Threat Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins. 

Are you ready for the challenge?

Responsibilities:  

• Conduct research and development efforts to further threat detection and endpoint security posture
• Identity and prototype telemetry data that can be leveraged within Huntress to expand current prevention, hardening, and detection capabilities
• Identify improvement opportunities in existing features and explore new ones based on feedback from partners, prospects, peers, and industry publications
• Provide an end customer perspective to Product and Engineering teams for existing and in-development features
• Coordinate with Product and Engineering teams to integrate and operationalize solutions developed by the research team 
• Promote Huntress’ reputation through media interaction, public speaking, and blogs

What You Bring To The Team:  

• In-depth knowledge of Microsoft Windows internals (e.g. NTFS, security features, Registry, Group Policy)
• Proficiency with the utilizing the Microsoft Sysinternals Suite for research and troubleshooting (e.g. Autoruns, Process Monitor, Process Explorer)
• Experience with configuration and management of endpoint security tools (e.g. NGAV, EDR, DNS Security, Endpoint Firewall) and how they interact with the operating system
• M365 Security Features & APIs (Unified Audit Log, Graph API, Management API)
• Comfortable reading API documentation for SaaS applications and programming languages
• Development experience with scripting languages used in Windows administration and API communication (e.g. Python, PowerShell)
• Understanding of how partners utilize IT automation tools such as PSAs and RMMs preferred
• Experience with conducting searches and creating visualizations in Elastic and Kibana a plus

What We Offer: 

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy including vacation, sick time, and paid holidays
• 12 weeks paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans 
• 401(k) with 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees 
• One-time $500 stipend to build/upgrade home office
• Annual allowance for education and professional development assistance 
• $75 USD/month digital reimbursement

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice and is empowered to show up to work every day as their full self. 

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status or any other legally protected status. 

We do discriminate against hackers who try to exploit small businesses.

Accommodations:

If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to [email protected].  Please note non-accommodation requests to this inbox will not receive a response.