Huntress is looking for a Principal Threat Intel Incident Commander to lead threat intelligence and incident response operations. You will protect our customers by owning the Rapid Response process end to end, researching emerging adversary tradecraft, and creating impactful reports.
What You'll Do
- Run Rapid Response incidents, coordinating across departments and owning the process end-to-end.
- Conduct research on emerging adversary tradecraft to scope and conduct hunt missions.
- Aggregate threat data to build reports for customers demonstrating Huntress’ value and informing them of threats.
- Create reports for marketing to show Huntress’ value to the larger community.
- Promote Huntress’ reputation through media interaction, public speaking, and blog posts.
- Work with leadership and cross-functional teams to develop the product and threat operations roadmap.
- Provide technical leadership for members of the ThreatOps team.
- Support professional development through coaching and mentorship of researchers.
- Enhance Huntress visibility by ingesting and utilizing IOCs from external threat intel sources.
- Write blog posts and other marketing materials regarding threat trends.
What We're Looking For
- A minimum of 7 years of experience in the field of Threat Intelligence.
- Experience with SIEM tools for scaled log analysis.
- Familiarity with detection engineering and logic, such as Sigma Rules.
- Experience researching and scoping threat hunt missions.
- Understanding of cybersecurity, threat actors, and the end-to-end threat life cycle, including one or more of: digital forensics, malware research, incident response, vulnerabilities, and exploits.
- Experience with 3rd-party intelligence tools, feeds, and reputation services.
- Experience conducting OSINT gathering and analysis.
Nice to Have
- Foundational development experience across multiple platforms (e.g., Windows and/or macOS), with C/C++, GoLang, and Python.
- Proficient knowledge of Windows and/or macOS subsystems and how they interact at both the user and kernel level.
Technical Stack
- SIEM tools
- Sigma Rules
- OSINT tools
- C/C++
- GoLang
- Python
- Windows subsystems
- macOS subsystems
Team & Environment
This role is part of the Adversary Tactics team and reports to the Senior Director of Adversary Tactics.
Benefits & Compensation
- Salary: $200,000 to $220,000 base + equity.
- Generous paid time off policy, including vacation, sick time, and paid holidays.
- 12 weeks of paid parental leave.
- Highly competitive and comprehensive medical, dental, and vision benefits plans.
- 401(k) with a 5% contribution regardless of employee contribution.
- Life and Disability insurance plans.
- Stock options for all full-time employees.
- One-time $500 reimbursement for building/upgrading your home office.
- Annual allowance for education and professional development assistance.
- $75 USD/month digital reimbursement.
- Access to the BetterUp platform for coaching and growth.
Work Mode
This is a 100% remote position open to candidates located in the US.
Huntress is a fully remote, global team of passionate experts on a mission to break down barriers to cybersecurity. We are committed to creating a culture of inclusivity where every team member is valued, has a voice, and is empowered.
We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.





