Boston, United States of America Hybrid Full-time

Nebulock is hiring a Lead Threat Researcher

Responsibilities

  • Design and curate a structured and contextual knowledge base (e.g. threat actor profiles, TTPs, attack patterns) for our agents and internal threat hunters
  • Measure and prove that your opinionated view of the threat landscape improves outcomes for our customers
  • Be the authoritative voice on prioritization (e.g. Should we hunt this technique? Does this threat actor target our customers? Is this exploitable in their environments?)
  • Cut through daily feeds and the headlines to identify what demands attention
  • Leverage AI tooling to build the intelligence layer that helps customers answer: "what matters to me and why"
  • Track active threat campaigns and adversary TTPs across endpoint, cloud, and IAM
  • Conduct original research into threat actor TTPs, malware families, and emerging attack techniques across endpoint, cloud, and identity
  • Analyze adversary infrastructure, tooling, and behavioral patterns to surface novel detection opportunities
  • Translate threat intelligence into actionable hunt hypotheses and detection rules by mapping adversary behaviors to normalized telemetry
  • Account for real-world telemetry constraints and visibility gaps
  • Represent Nebulock externally via blog posts, conference talks, published research etc.
  • Partner with threat hunters and detection engineers to inform priorities based on emerging threats relevant to customer environments
  • Maintain a continuous feedback loop between what adversaries are doing in the wild and what we build in response
  • Collaborate with product + engineering to drive the product roadmap
  • Engage with customers to deliver threat briefings, analysis, and advisories tailored to their environments
  • Determine which threat intelligence partnerships Nebulock should invest in (commercial CTI vendors, ISACs, OSINT communities etc.)

Requirements

  • 7+ years in threat intelligence or threat research with exposure across multiple industries
  • Deep expertise in mapping threat actor TTPs to observable telemetry
  • Strong understanding of adversary tradecraft across endpoint, cloud, and IAM
  • Experience with, and excitement about, using AI-assisted development tools to build lightweight tooling, automations, and prototypes
  • Proven ability to prototype, iterate, and ultimately build your own tooling
  • Demonstrated ability to distill complex topics into something actionable and understandable
  • Active participation in threat intelligence sharing communities

Benefits

  • Competitive salary + equity (early-stage startup with significant upside)
  • Flexible remote work (US-based, hybrid option for Boston area)
  • Autonomy to build the threat research function from scratch
  • Low-ego and high-trust environment

Work Arrangement

Hybrid — Boston

About company
Nebulock

The agentic contextual security analytics platform that continuously hunts, understands, and stops threats before they become incidents.

Continuously hunt threats, deploy detections, and run investigations in a single platform.

AI agents carry context and memory from hunt to hunt so you don’t have to start from zero. Nebulock surfaces coverage gaps across your environment, turning hunts and findings into validated detections across all your data sources.

It enables proactive threat hunting by baselining normal behavior, detecting insider threats, and accelerating investigations with transparent reasoning and remediation steps.

Job Details
Department: Threat Detection
Category: security
Posted: a month ago