OBJECTIVE

We are seeking an investigative and technically skilled Threat Researcher to join our Cyber Threat Intelligence team within a global leader in cyber insurance and security services. This role is central to understanding the evolving threat landscape and providing intelligence that works to actively defend our customers. The ideal candidate blends strong technical capabilities with a bias for action, coupled with an analytical mindset and a desire to understand attacker motivations and behaviors.

EDUCATION AND EXPERIENCE:

• Bachelor’s degree in Cybersecurity, Intelligence Studies, Political Science, Computer Science, or a related field or enough experience to make the degree irrelevant.
• 3–5 years of experience in threat intelligence, threat research, incident analysis, or a similar role.
• Experience within cyber insurance, financial services, or a high-trust environment a plus but not required.

SOFT SKILLS:

• Excellent written and communication skills, with the ability to create polished, executive-ready products.
• Strong presentation and briefing skills, including for non-technical audiences.
• Highly organized and capable of balancing multiple concurrent initiatives.
• Collaborative spirit, with the ability to work across functional teams in a complex environment.

RESPONSIBILITIES

• Build tooling that shortens the time between discovery and application of threat intelligence with a clear impact to the defensive posture of our customers.
• Monitor and investigate threat actors, malware campaigns, and emerging vulnerabilities with potential impact to insured organizations.
• Produce clear, accurate, and timely threat intelligence reports tailored to internal stakeholders (e.g., underwriting, actuarial, claims) and external clients.
• Research and contextualize cyber events using open-source intelligence (OSINT), dark web sources, proprietary tools, and threat intelligence platforms.
• Collaborate with incident response, actuarial science, underwriting, and policy teams to map intelligence to risk frameworks and exposure models.
• Maintain knowledge bases of threat actors, campaigns, TTPs, and malware variants, mapped to frameworks like MITRE ATT&CK.
• Support data enrichment and correlation across claims data, incident data, and external threat feeds.
• Brief internal stakeholders and clients on cyber threat trends, sector-specific risks, and threat actor activity.
• Engage in cross-industry information sharing communities and intelligence exchanges.