About the role:
Please note: this is a one-year position, with the potential for extension.
10a Labs' Investigations Team is looking for a Principal Cyber Investigator to lead day-to-day operations and oversee quality across a cyber review team. This role requires senior cybersecurity expertise combined with the operational and leadership experience to manage a high-performing team, interface directly with client stakeholders, and set the standard for labeling and review output quality and consistency.
In this role, you will:
- Oversee day-to-day operations of the embedded team, ensuring exchange labeling and review are completed accurately, efficiently, and in accordance with the client's rubric and review guide
- Serve as the senior technical authority on complex and escalated cases, making determinations on real-world harm potential and offensive uplift
- Monitor and maintain quality and consistency metrics across the team, identifying gaps and improving review processes
- Interface directly with client stakeholders to communicate findings, surface emerging trends, and align on evolving policy and rubric
- Mentor and develop senior and junior investigators, providing guidance on technically demanding and ambiguous cases
- Lead org-level analysis of actor behavior, synthesizing patterns across exchanges to inform detection and mitigation efforts
- Query internal data sources via DQL and programmatically, and cross-reference open-source information (OSINT) to support review and validate team output
Required Qualifications:
- At least 9+ years of experience in cybersecurity, threat intelligence, Trust & Safety, national security, defense, intelligence, or law enforcement domains
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience
- Demonstrated experience leading or managing investigative or review teams, including oversight of quality, output, and team development
- Deep subject-matter expertise in one or more of the following: scaled data extraction, ransomware, local and remote exploits, or offensive security operations
- Familiarity with LLM systems and how AI technology can be misused for cyber operations
- Proven ability to serve as a final technical authority on complex cases, with a track record of sound judgment on harm potential and offensive uplift
- Strong SQL, Python, and other data language proficiency for querying data and validating investigative output
- Exceptional written and verbal communication skills, with experience presenting findings to senior stakeholders
- Ability to rapidly context-switch across domains, modalities, and abuse areas in a fast-paced, ambiguous environment
- Ability to clear an insider-threat background check
Preferred Qualifications:
- Experience working directly with or within frontier AI labs, large technology platforms, or Trust & Safety organizations
- Experience with threat intelligence frameworks such as MITRE ATT&CK
- Background in dark web monitoring, OSINT, or cross-platform threat analysis
- Experience building or scaling detection and mitigation pipelines
- Full professional proficiency in Arabic, Chinese, Farsi, Portuguese, Russian, or Spanish
- Active security clearance (Secret or above)
- Relevant certifications such as OSCP, GREM, or GCTI
Compensation & Benefits:
- Salary Range: $150K-$180K, depending on experience and location
- Work Environment: Fully remote, U.S.-based
- Health Benefits: Comprehensive health, dental, and vision coverage
- Time Off: Generous PTO and paid holiday schedule
- Retirement: 401(k) plan