Threat Intelligence Research Engineer

COMPANY OVERVIEW

ThreatLocker is a leader in Zero Trust cybersecurity, delivering a unified platform that provides enterprise-grade protection across users, devices, and applications. The ThreatLocker Platform combines powerful solutions including Application Allowlisting, Ringfencing, Storage Control, Elevation Control, Network Control, Configuration Management, and Operational Alerts, empowering organizations to take complete control over what runs, how it runs, and who can access it. 

By enforcing policies directly where applications execute, including at the endpoint,  ThreatLocker helps businesses stop exploits before they happen and move from reactive defense to proactive prevention. 

POSITION OVERVIEW

We're looking for a Threat Intelligence Research Engineer who can bridge two worlds: deep cybersecurity expertise and clear, authoritative communication. In this role, you will analyze real-world threats, uncover emerging attacker behaviors, and translate complex technical findings into high-impact reports, briefs, and articles that educate and empower cybersecurity professionals.

You will work at the intersection of engineering, research, and brand thought leadership, turning raw intelligence into content that drives awareness, supports our product narrative, and strengthens our authority within the cybersecurity community.

While reporting to the SVP of Brand Marketing, this is not a copywriting or marketing role. This is a highly technical position for someone who can research, validate, investigate, and clearly explain threats, vulnerabilities, attacker methodologies, and security best practices to support the company's communications with external stakeholders.

What you'll do

Threat research & analysis

• Monitor, analyze, and report on emerging threats, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and global threat trends.
• Investigate vulnerabilities, misconfigurations, malware behavior, ransomware campaigns, and exploit chains.
• Conduct independent research on threat actors, intrusion patterns, and security gaps relevant to our customer base.
• Collaborate with internal engineering, SOC, and threat teams to access proprietary intelligence and validate findings.
• Produce clear, defensible, and high-accuracy analysis based on data and technical evidence.

Technical writing & content development

• Transform threat research into high-quality reports, whitepapers, blogs, briefs, advisories, and thought-leadership content.
• Write in a way that resonates with cybersecurity professionals, executives, and IT leaders.
• Contribute to articles under the names of internal subject matter experts (SMEs) to elevate their voices and strengthen company authority.
• Develop clear visuals, diagrams, and technical explanations to support complex research.
• Ensure all content is technically rigorous, original, and aligned with our Zero Trust security philosophy.

Thought leadership & brand support

• Work with the SVP of Brand Marketing to shape the company's editorial direction on threat intelligence topics.
• Support media, PR, and analyst engagements with accurate intelligence and expert insights.
• Participate in webinars, research discussions, and cross-team reviews to maintain accuracy and consistency.
• Help position the company as a trusted voice in cybersecurity through data-driven storytelling.

REQUIRED QUALIFICATIONS

Technical expertise

• 5+ years in cybersecurity research, threat intelligence, security engineering, SOC analysis, or malware analysis.
• Strong knowledge of attacker TTPs, MITRE ATT&CK, malware behavior, incident response, and threat hunting workflows.
• Hands-on familiarity with tools such as SIEMs, sandboxes, EDR platforms, packet analyzers, and OSINT frameworks.
• Ability to read logs, investigate incidents, and interpret technical artifacts.

Communication skills

• Proven experience writing technical reports, threat advisories, security research, or cybersecurity analysis.
• Ability to translate complex material into clear, concise content without losing technical accuracy.
• Strong editorial judgment and an understanding of narrative clarity and structure.

Attributes that make you successful

• Deep curiosity and a research-driven mindset.
• Commitment to accuracy, integrity, and evidence-backed analysis.
• Ability to juggle multiple research topics while meeting publishing deadlines.
• A collaborative mindset and willingness to work across engineering, security, and marketing teams.

Why join us

• Help define the public voice of one of cybersecurity's most innovative Zero Trust platforms.
• Work with world-class engineers and threat experts on cutting-edge research.
• Turn intelligence into impact: informing, educating, and protecting thousands of organizations worldwide.
• Grow your career at the intersection of technical expertise and high-visibility thought leadership.

WORKING CONDITIONS

The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed. 

• Job will generally be performed in an office environment but may require travel to visit company offices and/or property locations.
• While performing duties of this job, would occasionally require to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools.
• Must occasionally lift and/or move up to 50  pounds.
• Specific vision abilities required include close vision, distance vision, depth perceptions, and the ability to adjust focus. 

A background check and drug/substance screening are required after a conditional offer. Employment will proceed only upon receiving clear results from both.

ThreatLocker also conducts randomized drug and substance testing approximately every 60 days, in line with the same screening standards.