2

Remote Threat Researcher Jobs (NOW HIRING)

About the Role We're looking for a staff-level threat researcher who thrives at the intersection of ... Prior experience in customer-facing technical roles (consulting, remote support, or advisory)

About the Role As Head of Threat Research at Netcraft, you will lead the team responsible for ... This is a remote position based in the United States, with occasional travel for conferences, team ...

INTERNSHIP - Threat Hunter - REMOTE

Stow, OH · Remote

$13.75 - $18.25/hr

Emerging Threat Research: Keep up to date on major global cyber threats. Assist in mapping attacker ... remote friendly work environment, as well as training opportunities to expand your skill set (to ...

... monitoring, darknet research Fraud Analysis - Fraud tactics, process bypasses, abuse methods ... Location: Remote Key Responsibilities * Conduct in-depth OSINT/WEBINT investigations across ...

Sr. Engineer, Platform Threat Intelligence

$52.25 - $67.75/hr

This is a fully remote role. Candidates who live near College Board offices may choose to work ... An understanding of regional communication norms and online ecosystems relevant to threat research ...

next page

Showing results 1-20

Remote Threat Researcher information

See salary details

$30K

$113.1K

$164.5K

How much do remote threat researcher jobs pay per year?

As of Jul 14, 2026, the average yearly pay for remote threat researcher in the United States is $113,102.00, according to ZipRecruiter salary data. Most workers in this role earn between $67,000.00 and $154,000.00 per year, depending on experience, location, and employer.

What is a Remote Threat Researcher?

A Remote Threat Researcher is a cybersecurity professional who works from a remote location to identify, analyze, and report on emerging cyber threats, malware, and vulnerabilities. They use various tools and techniques to monitor suspicious activities, study cybercriminal tactics, and help organizations strengthen their defenses. Their findings contribute to developing threat intelligence, improving security protocols, and informing incident response strategies. This role often involves collaborating with other security experts and staying updated on the latest trends in cyber threats.

What is the difference between Remote Threat Researcher vs Remote Security Analyst?

AspectRemote Threat ResearcherRemote Security Analyst
CredentialsCybersecurity certifications (e.g., CISSP, CEH), relevant degreesSimilar certifications, often with additional focus on security operations
Work EnvironmentResearch-focused, analyzing threats, malware, vulnerabilitiesMonitoring, incident response, security monitoring
Industry UsageUsed in cybersecurity firms, threat intelligence teamsCommon in security operations centers (SOCs), enterprise security teams
Search/Comparison IntentUnderstanding research vs operational roles in cybersecurityComparing threat analysis with security monitoring roles

Remote Threat Researchers focus on analyzing and understanding emerging threats, malware, and vulnerabilities through research. In contrast, Remote Security Analysts primarily monitor security systems, respond to incidents, and maintain security protocols. Both roles require cybersecurity certifications and work in related environments, but their core responsibilities differ: research versus operational security.

How does a Remote Threat Researcher typically collaborate with other cybersecurity professionals to address emerging threats?

Remote Threat Researchers frequently work as part of a distributed team, closely collaborating with security analysts, incident responders, and software engineers. They share findings through detailed reports, virtual meetings, and secure communication platforms. This collaboration ensures that newly discovered threats are analyzed quickly and that mitigation strategies are coordinated and implemented efficiently. Despite working remotely, regular communication and collaboration are essential to stay aligned with evolving threats and organizational security priorities.

What are the key skills and qualifications needed to thrive as a Remote Threat Researcher, and why are they important?

To thrive as a Remote Threat Researcher, you need expertise in cybersecurity, malware analysis, and threat intelligence, often supported by a degree in computer science or related certifications like CEH or GIAC. Familiarity with tools such as Wireshark, IDA Pro, and security information and event management (SIEM) platforms is common. Strong analytical thinking, attention to detail, and effective written communication are crucial soft skills in this role. These qualifications enable you to identify, analyze, and report on emerging cyber threats, helping organizations stay ahead of evolving security risks.
More about Remote Threat Researcher jobs
What cities are hiring for Remote Threat Researcher jobs? Cities with the most Remote Threat Researcher job openings:
What are the most commonly searched types of Threat Researcher jobs? The most popular types of Threat Researcher jobs are:
What states have the most Remote Threat Researcher jobs? States with the most job openings for Remote Threat Researcher jobs include:
What job categories do people searching Remote Threat Researcher jobs look for? The top searched job categories for Remote Threat Researcher jobs are:
Staff Threat Research Engineer

Staff Threat Research Engineer

Sumo Logic

Remote

Full-time

Re-posted 14 days ago


Job description

Mission
Threat Labs' mission is to keep our customers safe from cybersecurity attacks. We do this by advancing the art and science of detection: turning threat intelligence and threat research into practical, high-quality detections that power the Sumo Logic SIEM platform and strengthen the broader security community.
About the Role
We're looking for a staff-level threat researcher who thrives at the intersection of data and adversary tradecraft. In this role, you'll use your practitioner experience to uncover attacker behaviors, test them in realistic environments, and turn those insights into detection content that directly improves customer outcomes. You'll explore and exploit a variety of security technologies, with an emphasis on cloud and AI environments, to build, validate, and tune detections that reflect the latest attack techniques. In addition to applying existing research, you'll have opportunities to conduct original investigations, from malware analysis to infrastructure tracking and honeypot monitoring, designed to uncover novel insights that shape future detection strategies.
Who You Are
You're a seasoned security professional who's evolved from responding to incidents to preventing them. You have a deep curiosity for how attackers operate and a passion for translating that insight into practical detections that measurably improve defenses. You thrive in a hands-on environment: experimenting in the lab, analyzing data, and validating results. Collaboration and sharing come naturally to you: working with peers across Threat Labs and product teams, you enjoy turning research into real detections and community knowledge that protect customers everywhere.
Your Impact
  • Conduct and lead both applied and original threat research, transforming intelligence, telemetry, and investigation into actionable detection logic for the Sumo Logic SIEM.
  • Collaborate closely within Threat Labs to design, build, and refine detection content and validation pipelines that raise the bar for product and customer detection quality.
  • Drive innovation in detection methodologies, including research activities such as malware analysis, infrastructure tracking, or honeypot operations, to discover new attacker behaviors.
  • Publish and share findings - from detection logic to behavioral analysis and practical hunting guidance - that help customers maximize SIEM outcomes.
  • Contribute to Threat Labs' long-term vision of a research-driven, continuously evolving detection ecosystem built on practitioner insight and technical depth.
Responsibilities
  • Research, develop, and test threat detection logic in a lab environment, validating against real-world attacker behaviors and ensuring technical alignment with Sumo Logic SIEM capabilities.
  • Conduct original threat research, such as analyzing malware, tracking infrastructure, or experimenting with honeypots, and translate findings into detection opportunities.
  • Investigate industry and adversary trends to identify emerging detection opportunities.
  • Collaborate with product management and fellow Threat Labs engineers to scope and prioritize detection campaigns.
  • Maintain and expand Threat Labs' research lab infrastructure.
  • Provide practitioner feedback to engineering and product management to inform feature design and roadmap decisions.
  • Contribute to the security community through blogs, conference talks, open source projects, and public research contributions.
Requirements
  • 12+ years of cybersecurity experience that includes a mix of:
    • Senior/Principal SOC analyst, threat hunter, or purple team practitioner
    • Incident responder or detection engineer roles
  • Demonstrated ability to progress threat research into actionable detections and incident response outcomes.
  • Experience conducting original or self-directed threat research that resulted in novel findings - for example, malware or infrastructure analysis, honeypot operations, or similar investigative work leading to actionable insights.
  • Broad knowledge of multiple technology stacks and a strong curiosity to learn new platforms.
  • Deep experience with multiple major public clouds (AWS, Azure, or GCP), and familiarity with analyzing cloud-native logs and telemetry.
  • Understanding of emerging attack techniques targeting AI infrastructure and machine learning pipelines (e.g., data poisoning, model theft, or prompt injection), and familiarity with frameworks such as MITRE ATLAS.
  • Proven history of thought leadership through blogs, LinkedIn articles, or conference presentations.
  • Background in the cybersecurity vendor space, with experience providing expert feedback to product and engineering teams.
Desirable
  • Prior experience in customer-facing technical roles (consulting, remote support, or advisory).
  • Hands-on familiarity with offensive security tools (Atomic Red Team, Sliver, Cobalt Strike, etc.).
  • Scripting or automation capability (Python, PowerShell, etc.).
  • Experience with Security Orchestration, Automation, and Response (SOAR) technology.
  • Recognized presence or active participation in the security community (e.g., X/Twitter, conferences, open source).
  • Experience applying AI or machine learning techniques to improve operational efficiency and automation across the detection rule development lifecycle - from research and validation to deployment and tuning.
About Us
Sumo Logic, Inc. helps make the digital world secure, fast, and reliable by unifying critical security and operational data through its Intelligent Operations Platform. Built to address the increasing complexity of modern cybersecurity and cloud operations challenges, we empower digital teams to move from reaction to readiness-combining agentic AI-powered SIEM and log analytics into a single platform to detect, investigate, and resolve modern challenges. Customers around the world rely on Sumo Logic for trusted insights to protect against security threats, ensure reliability, and gain powerful insights into their digital environments. For more information, visit www.sumologic.com.
Sumo Logic Privacy Policy. Employees will be responsible for complying with applicable federal privacy laws and regulations, as well as organizational policies related to data protection.
The expected annual base salary range for this position is $162,000 - $190,000. Compensation varies based on a variety of factors which include (but aren't limited to) role level, skills and competencies, qualifications, knowledge, location, and experience. In addition to base pay, certain roles are eligible to participate in our bonus or commission plans, as well as our benefits offerings.
Must be authorized to work in the United States at the time of hire and for the duration of employment. At this time, we are not able to offer new non-immigrant visa sponsorship or OPT hiring for this position.