Senior Threat Intelligence Researcher

Overview We’re a team of ex-Google engineers who built some of the largest defensive platforms on the planet — Safe Browsing and reCAPTCHA. Now, we’re striking out on our own to tackle an even bigger challenge: stopping the new wave of adversarial AI attacks already hitting organizations today. We're going after a $5B+ market, ripe for disruption. Traditional detection methods are too slow to keep up. Adversaries are using AI to craft customized, high-evasion attacks — and old-school rules-based systems don’t stand a chance. The Role We are seeking a Senior Threat Intelligence Analyst to join our growing team. This role blends hands-on investigation of phishing, BEC, and malware campaigns with research and thought leadership that advances the broader cybersecurity community. You will lead investigations into real-world email threats, contribute directly to detection improvements, and publish high-quality analysis (blogs, whitepapers, presentations) to establish AegisAI as a leader in the space. This is a high-impact, customer-facing and industry-facing role where your research will shape our product roadmap and thought leadership strategy. This role goes beyond triaging alerts: - You’ll investigate and reverse-engineer real-world email attacks. - Identify patterns and trends in attacker behavior and translate those insights into improvements for our detection systems. - Collaborate with engineering to shape how our AI models adapt to emerging threats. - Produce written reports and analysis that we can share publicly, helping raise the bar for email security as an industry. WHAT YOU'LL DO - Investigate Campaigns: Analyze phishing, BEC, and malware-based campaigns to uncover attacker infrastructure, TTPs, and trends. - Detection Improvement: Collaborate with engineering and data science teams to feed intelligence into our AI detection models and automation workflows. - Malware & Artifact Analysis: Perform static and dynamic analysis of malicious files, links, and payloads using sandbox and forensic tools. - Customer & Partner Engagement: Provide actionable threat insights to customers and support investigations with clear, executive-ready reporting. - Threat Intelligence Publications: Write blogs, advisories, and industry-facing research reports that highlight emerging threats and novel findings. - Community Engagement: Represent AegisAI at conferences, webinars, and industry events to share insights and build credibility. - Playbooks & Knowledge Sharing: Document attack patterns, build runbooks, and share learnings with internal teams and the wider security community. Who You Are - 7+ years of cybersecurity experience, with at least 3–4 years focused on threat intelligence and investigations. - Hands-on experience in email security investigations (phishing, BEC, spam campaigns). - Strong knowledge of malware analysis tools and methodologies (sandboxing, static/dynamic analysis, reverse engineering basics). - Track record of published threat research (blogs, papers, advisories, or conference presentations). - Excellent written and verbal communication skills — able to translate technical findings into impactful narratives for both executives and security professionals. - Familiarity with frameworks such as MITRE ATT&CK, and threat intel platforms like MISP or Recorded Future. Bonus - Prior public presentations at security conferences (SANS, FS-ISAC, Black Hat, mWISE, etc.). - Experience engaging with journalists or industry analysts on emerging threats. Our culture - Flat, flexible, and fast. - You’ll own your decisions. - You’ll have clear KPIs for success — but how you get there is up to you. - Development cycles are measured in days, not weeks. - If you’re hungry to build AI that fights AI, and want to work with a team that moves at the speed of the real world, come talk to us.