As a Cyber Threat Researcher, you'll engage in threat hunting, enhance detection rules, mentor junior analysts, and collaborate with SOC teams to investigate incidents.
Make a difference here.
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.
By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.
UltraViolet Cyber is seeking an Cyber Threat Researcher (Level II) to join our Threat Intelligence & Detection Engineering (TIDE) team. Your primary responsibilities will be engaging in threat hunts to identify, investigate, and respond to cyber threats in our customer environments, creating intelligence-based threat detections to defend our customers against modern cyber threats, and leveraging your knowledge of the cyber threat landscape to support offensive and defensive threat intelligence objectives. This role requires you to lean on deep technical expertise, advanced analytic skillsets, and knowledge of adversarial tactics, techniques, and procedures (TTPs) to help stop threat actors from compromising our customers. The ideal candidate will be open to engaging with internal account teams and customers to help strengthen their security posture, identify weaknesses, report on findings, and report on detection strategies.
What You'll Do:
- Proactively create detection rules to alert SOC analysts of intrusions against customer networks.
- Assist with tuning and enhancing existing detection rules to better defend against evolving threats.
- Support hypotheses-driven threat hunting efforts using security data and intelligence.
- Support threat intelligence objectives by contributing to offensive and defensive threat intelligence reports.
- Research and track adversary TTPs and leverage frameworks such as MITRE ATT&CK.
- Provide technical mentorship to junior threat hunters and SOC analysts.
- Contribute to continuous improvement of detection engineering and hunting methodologies.
- Regularly engage with internal account teams and customers to help strengthen their security posture, identify weaknesses, report on findings, and report on detection strategies.
- Provide technical insight to internal account teams and customers as needed.
- Collaborate with Incident Response and SOC teams to investigate and contain security incidents.
What You've Done:
- U.S. citizenship is required.
- At least 4+ years of experience in cybersecurity, with at least 1 year focused on threat hunting or detection engineering.
- History of building custom behavior-based and/or threshold-based detections in customer environments from scratch.
- Capable of identifying and tuning flaws in existing detections to reduce noise with little to no oversight.
- Experience performing hypothesis-driven threat hunts in customer environments.
- Capable of clearly and concisely reporting findings from threat hunts.
- History of attending customer meetings, including those involving senior leadership.
- Working understanding of the MITRE ATT&CK framework.
- Background knowledge in the cyber threat landscape, including threat actors, malware, and evolving TTPs.
- Experience working with cyber threat intelligence analysts/teams to identify new detection opportunities.
- Proficiency with SIEMs, EDR/XDR platforms, and log analysis tools.
- Experience with scripting languages (Python, PowerShell, etc.) for scripting purposes.
- Enjoy working in a team environment.
- Willingness to learn from more senior team members while mentoring junior team members.
Preferred Qualifications:
- Experience building detections in SentinelOne, Elastic, and/or CrowdStrike platforms preferred.
- Prior experience as part of, or directly supporting, a Threat Intelligence team.
- GIAC Threat Hunting (GCTH), Certified Enterprise Defender (GCED), or Certified Intrusion Analyst (GCIA) certification(s)
What We Offer:
- 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
- Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
- Group Term Life, Short-Term Disability, Long-Term Disability
- Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
- Participation in the Discretionary Time Off (DTO) Program
- 11 Paid Holidays Annually
UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.
We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.
UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.
If you want to make an impact, UltraViolet Cyber is the place for you!
Similar Jobs
12 Days Ago
Fintech • Machine Learning • Payments • Software • Financial Services
The Senior Manager, Cyber Threat Researcher will analyze and mitigate cyber threats, leveraging data integration and collaboration while maintaining industry expertise.
Top Skills:
AWSAzureGCPPerlPHPPowershellPythonSQL
Fintech • Machine Learning • Payments • Software • Financial Services
The role involves researching cyber threats, creating data mechanisms to identify threats, maintaining expertise in the cyber landscape, and communicating findings to various audiences.
Top Skills:
AWSAzureGCPPerlPHPPowershellPython
Security • Cybersecurity
As an Associate Cyber Threat Researcher, you'll engage in threat hunting, create detection rules, and support threat intelligence efforts while mentoring juniors and collaborating with SOC teams.
Top Skills:
EdrPowershellPythonSiemsXdr
What you need to know about the Los Angeles Tech Scene
Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
