Senior Threat Analyst

The Role: 

Halcyon’s mission is to empower our customers with a solution that defeats ransomware, makes "ransomware history", and ensures operational resilience. To support this mission, we are seeking a highly skilled Senior Threat Analyst with deep technical expertise in malware reversing, detection engineering, and security operations. This role is critical to advancing our detection, prevention, and response capabilities, ensuring broad coverage of emerging threats, eliminating false positives, and effectively responding to these threats. The right candidate will ensure that our customers are kept safe from the latest ransomware without impacting legitimate business operations.
 
Responsibilities

• Monitor and analyze security events to detect, investigate, contain, and escalate potential threats. Correlate data across multiple sources to identify malicious activity and patterns.
• Triage and assess events to determine impact, contain incidents, and drive threat remediation in a 24/7 security operations environment.
• Willingness to accommodate changing shift schedules when necessary to support our 24/7/365 team.
• Reverse engineer Windows PE files and other malicious binaries using static and dynamic techniques to uncover capabilities, persistence methods, and indicators of compromise (IOCs).
• Design, develop, and maintain internal tools to support threat triage, correlation, and research (log parsers, incident tracking systems, custom sandboxes, etc.).
• Conduct malware analysis in disassemblers, debuggers, and sandbox environments to understand payloads, infection chains, and evasion techniques.
• Research and track evolving ransomware techniques, publishing findings to improve detection logic and response processes.
• Collaborate closely with Customers, Incident Response, Engineering and Customer Success to improve product resilience and ensure smooth customer communication during security events.

Skills and Qualifications 

• 10+ years of combined experience in reverse engineering, detection engineering, threat research, incident response, or security operations related roles.
• High proficiency in malware reversing, with demonstrated expertise in analyzing Windows PE files, unpacking obfuscated samples, and extracting behavioral and static indicators.
• Experience with Artificial Intelligence / Machine Learning methodologies and their practical use cases to enhance cybersecurity strategies and operational efficiency.
• Hands-on experience with Yara, Python, and scripting languages (PowerShell, Bash/Shell, Batch).
• Advanced knowledge of static and dynamic analysis using tools such as IDA Pro, Ghidra, x64dbg, WinDbg, Cuckoo or similar sandboxes.
• Familiarity with EDR evasion techniques, persistence mechanisms, and exploitation methods.
• Cloud Service Provider experience preferred (cloud log analysis, security, threat hunting in cloud environments).
• Proven track record in cyber threat research, malware analysis, or security operations.
• Strong collaboration and communication skills, with the ability to explain technical findings to both technical and non-technical stakeholders.

Benefits: 

Halcyon offers the following benefits to eligible employees:

• Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
• 401k plan with a generous employer contribution.
• Short and long-term disability coverage, basic life and AD&D insurance plans.
• Medical and dependent care FSA options.
• Flexible PTO policy.
• Parental leave.
• Generous equity offering. 

The Company reserves the right to modify or change these benefits programs at any time, with or without notice. 

Base Salary Range: $175,000 - $200,000, 10% bonus, and equity.