1

Threat Researcher Jobs (NOW HIRING)

Sr. Threat Researcher

Sunnyvale, CA · On-site

$170K - $196K/yr

Threat Research and Analysis * Analyze large-scale security datasets to identify attacker behaviors, patterns, TTPs (Tactics, Techniques, and Procedures), and emerging risks. * Map observed behaviors ...

Threat Research and Analysis * Analyze large-scale security datasets to identify attacker behaviors, patterns, TTPs (Tactics, Techniques, and Procedures), and emerging risks. * Map observed behaviors ...

Threat Researcher

$135K - $145K/yr

Threat Researcher Salary Range: $135,000 - $145,000 annually Position Overview The Threat Researcher is responsible for analyzing malware and adversary behavior, developing emulations, and creating ...

They are seeking a Senior Threat Researcher to analyze large-scale security datasets, identify attacker behaviors, and collaborate with product teams to enhance detection and strategic direction.

Experience conducting in-depth technical threat analysis and research * Hands-on proficiency with forensic analysis tools such as: FTK Imager, X-Ways, Autopsy, Volatility * Proficiency in identifying ...

Experience conducting in-depth technical threat analysis and research * Hands-on proficiency with forensic analysis tools such as: FTK Imager, X-Ways, Autopsy, Volatility * Proficiency in identifying ...

Experience conducting in-depth technical threat analysis and research * Hands-on proficiency with forensic analysis tools such as: FTK Imager, X-Ways, Autopsy, Volatility * Proficiency in identifying ...

Experience conducting in-depth technical threat analysis and research * Hands-on proficiency with forensic analysis tools such as: FTK Imager, X-Ways, Autopsy, Volatility * Proficiency in identifying ...

Experience conducting in-depth technical threat analysis and research * Hands-on proficiency with forensic analysis tools such as: FTK Imager, X-Ways, Autopsy, Volatility * Proficiency in identifying ...

Experience conducting in-depth technical threat analysis and research * Hands-on proficiency with forensic analysis tools such as: FTK Imager, X-Ways, Autopsy, Volatility * Proficiency in identifying ...

Offensive Threat Researcher

Reston, VA · On-site

$75K - $156K/yr

Experience conducting in-depth technical threat analysis and research * Hands-on proficiency with forensic analysis tools such as: FTK Imager, X-Ways, Autopsy, Volatility * Proficiency in identifying ...

About the Role We're looking for a staff-level threat researcher who thrives at the intersection of data and adversary tradecraft. In this role, you'll use your practitioner experience to uncover ...

The Threat Intelligence Researcher (Cloud) will track, analyze, and report on advanced threats targeting cloud ecosystems, focusing on both state-backed and financially motivated attackers.

Director, Threat Research

Sunnyvale, CA · On-site

$227K - $272K/yr

We are seeking a hands-on Head of Threat Research to build and lead this new team from the ground ... A researcher at heart who thrives on diving into raw data to uncover hidden patterns and real-world ...

They are seeking a Director of Threat Research to build and lead a new team focused on translating real-world threats into actionable insights for product enhancements and customer risk reduction.

next page

Showing results 1-20

Threat Researcher information

See salary details

$30K

$113.1K

$164.5K

How much do threat researcher jobs pay per year?

As of Jul 16, 2026, the average yearly pay for threat researcher in the United States is $113,102.00, according to ZipRecruiter salary data. Most workers in this role earn between $67,000.00 and $154,000.00 per year, depending on experience, location, and employer.

What are some typical daily responsibilities of a Threat Researcher?

As a Threat Researcher, your daily responsibilities may include collecting and analyzing threat intelligence, investigating new malware samples, and monitoring emerging cyber threats. You’ll often work closely with security analysts and incident response teams to share findings and recommend mitigation strategies. A typical day may also involve creating detailed reports, developing detection signatures, and staying current with the latest tactics used by cyber adversaries. This role is highly dynamic, requiring you to adapt quickly to new information and threats as they arise.

What are the key skills and qualifications needed to thrive in the Threat Researcher position, and why are they important?

To thrive as a Threat Researcher, you need a deep understanding of cybersecurity concepts, malware analysis, network protocols, and threat intelligence, often supported by a degree in computer science or information security. Familiarity with tools like Wireshark, IDA Pro, sandbox environments, and certifications such as CISSP or GIAC are highly valuable. Strong analytical thinking, attention to detail, and effective written and verbal communication skills are crucial soft skills in this field. These abilities are essential for accurately identifying threats, collaborating across teams, and providing actionable insights to protect organizational assets.

What is a Threat Researcher job?

A Threat Researcher is a cybersecurity professional who analyzes emerging threats, vulnerabilities, and attack techniques to help organizations defend against cyber risks. They investigate malware, track threat actors, and provide intelligence on evolving cyber threats. This role often involves using security tools, reverse engineering, and data analysis to identify and mitigate potential security incidents. Threat Researchers collaborate with security teams to improve defenses and develop new detection strategies.

More about Threat Researcher jobs
What are the most commonly searched types of Threat Researcher jobs? The most popular types of Threat Researcher jobs are:
What states have the most Threat Researcher jobs? States with the most job openings for Threat Researcher jobs include:
Infographic showing various Threat Researcher job openings in the United States as of July 2026, with employment types broken down into 87% Full Time, 9% Part Time, 1% Temporary, and 3% Contract. Highlights an 86% Physical, 3% Hybrid, and 11% Remote job distribution, with an average salary of $113,102 per year, or $54.4 per hour.
Sr. Threat Researcher

Sr. Threat Researcher

Illumio

Sunnyvale, CA • On-site

$170K - $196K/yr

Full-time

Posted 4 days ago


Job description

Onwards Together!
Illumio is the leader in ransomware and breach containment, redefining how organizations contain cyberattacks and enable operational resilience. Powered by the Illumio AI Security Graph, our breach containment platform identifies and contains threats across hybrid multi-cloud environments - stopping the spread of attacks before they become disasters.
Recognized as a Leader in the Forrester Wave™ for Microsegmentation, Illumio enables Zero Trust, strengthening cyber resilience for the infrastructure, systems, and organizations that keep the world running.
Location: 4 on-site days a week in Sunnyvale, CA Headquarters.
Our Team's Vision:
At Illumio, we're pioneering cybersecurity innovation with our Illumio Insights platform, which leverages a dynamic security graph built from network flows, workload inventories, identity data, threat data, and vulnerability data. This graph enables essential functions such as breach risk detection, network segmentation assessment, active breach identification, and intelligent policy recommendations. To accelerate our product evolution, we're expanding our Threat Research Team with a dedicated expert who will serve as a long-term subject matter expert (SME) for the Illumio Insights product team.
We're looking for a talented Senior Threat Researcher to provide ongoing guidance on threats, threat intelligence, attacker behaviors, and TTP mapping. You'll analyze large-scale security datasets, map real-world adversary activity, identify gaps, and collaborate closely with product teams to translate insights into enhanced detection, data enrichment, and strategic direction. This role bridges threat research, detection engineering, and product innovation, offering a unique opportunity to impact how global organizations defend against advanced cyber threats.
Your Impact:
Threat Research and Analysis
  • Analyze large-scale security datasets to identify attacker behaviors, patterns, TTPs (Tactics, Techniques, and Procedures), and emerging risks.
  • Map observed behaviors to the MITRE ATT&CK framework and real-world adversary tradecraft.
  • Leverage the security graph to model attack paths and uncover opportunities to reduce the risk of lateral movement.
  • Identify gaps in detection coverage, data enrichment, and segmentation effectiveness.
  • Develop and validate hypotheses about evolving threats using research and intelligence sources.

Product Impact and Innovation
  • Partner closely with Product and Engineering teams to translate research findings into concrete improvements:
  • Enhanced detection logic and analytics
  • Improved data tagging, enrichment, and graph quality
  • More actionable customer-facing risk insights
  • Recommend segmentation strategies and policy improvements to strengthen breach containment and limit lateral movement.
  • Contribute to internal threat models and risk frameworks that directly inform product roadmap decisions.

Strategic Guidance and Thought Leadership
  • Provide expert guidance on emerging threats observable in our platform and their implications for customers.
  • Support product, sales, and customer-facing teams with research-backed insights and threat context.
  • Contribute to internal research, patents, and future external publications as the function matures.
  • Track global adversary evolution to help shape long-term detection and risk strategies.

Your Toolkit:
  • 5+ years of experience in threat research, incident response, detection engineering, or adversary emulation.
  • Strong understanding of attacker tradecraft across enterprise, cloud, and hybrid environments.
  • Deep familiarity with the MITRE ATT&CK framework and real-world TTP mapping.
  • Hands-on experience working with security telemetry sources.
  • Excellent written and verbal communication skills, with the ability to translate complex findings into clear, actionable insights.
  • Comfort working in ambiguous environments and helping define new functions.
  • Experience writing detection rules, analytics queries, or conducting threat hunting.

Preferred Qualifications
  • 7-10+ years in threat intelligence or security research roles.
  • Experience analyzing security graphs or graph-based analytics for threat detection.
  • Background in network segmentation, zero-trust architecture, or micro-segmentation.
  • Proven ability to influence product development in a fast-paced environment.
Bonus Points:
  • Previous experience at a cybersecurity product company.
  • Track record of publishing threat research or speaking at industry conferences.
  • Experience integrating external threat intelligence feeds.
  • Relevant certifications (e.g., GCIH, GCFA, or similar).

Who You Are
  • Curious and hypothesis-driven, with a passion for digging into raw data to uncover meaningful signals.
  • Pragmatic - focused on turning research into real product impact and measurable risk reduction.
  • Able to move fluidly between deep technical analysis and high-level business implications.
  • Collaborative and influential, thriving in a fast-paced product development environment where your insights directly shape product direction.
  • Committed to delivering practical defenses that protect customers from sophisticated attacks.

#LI-PO1 #LI-ONSITE
Our Commitment
Illumio believes that an environment of unique backgrounds, experiences, viewpoints, and individual contributions creates a culture of belonging, drives our future, and makes us stronger together in support of our customers and their success.
All official job offers from our company are extended directly by our recruitment team and will be sent through an official E-Signature document for your review and signature. Please be aware that we do not ask for any personal information in the process of extending offers of employment, such as financial details or social security numbers. Upon acceptance of any offer, we will request such information as part of the onboarding process prior to or on your first day of employment, and only after completing a background check through an authorized third-party vendor. If you receive any communication asking for personal details outside of these processes, please contact us immediately to verify the authenticity of the request. Your security is important to us, and we are committed to a safe and transparent hiring experience.
For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Illumio will consider for employment qualified applicants with arrest and conviction records.