Junior Cyber Security Intel Researcher (Belfast)
See more jobs from ThreatStream Incabout 11 hours old
Company Description
Anomali is headquartered in Silicon Valley and is the Leading AI-Powered Security Operations Platform that is modernizing security operations. At the center of it is an omnipresent, intelligent, and multilingual Anomali Copilot that automates important tasks and empowers your team to deliver the requisite risk insights to management and the board in seconds. The Anomali Copilot navigates a proprietary cloud-native security data lake that consolidates legacy attempts at visibility and provides first-in-market speed, scale, and performance while reducing the cost of security analytics. Anomali combines ETL, SIEM, XDR, SOAR, and the largest repository of global intelligence in one efficient platform. Protect and drive your business with better productivity and talent retention.
Do more with less. Be Different. Be the Anomali.
Job Description
Anomali Threat Research (ATR) is the Cyber Threat Intelligence (CTI) team at Anomali. ATR is responsible for conducting OSINT research, in addition to intelligence engineering and data science objectives. We are seeking a passionate Researcher to join ATR to assist in the collection and curation of open source intelligence and also help build automation to help our Threat Research team.
The researcher will also support sample collection and analysis, including developing custom scripts for automation where needed. The researcher will be responsible for handling malware samples, analyzing suspicious files, and identifying malicious behaviors while maintaining strict OPSEC measures. Additionally, they will support ThreatStream false positive triage, ensuring accuracy in threat detections and classifications. This role also includes developing scripts and automation to enhance intelligence workflows and collaborating with the Anomali Content Team on structured reporting and intelligence insights.
Responsibilities
o Conducting false positive/negative triage within ThreatStream, ensuring accurate classification and minimal intelligence misattribution.
o Assist with sample collection and analysis, including handling malware samples, suspicious files, and malicious infrastructure.
o Develop and refine custom scripts and automation workflows to improve threat analysis and intelligence ingestion.
o Work with wider teams to research, structure, and publish the semi-annual State of OSINT Report.
o Contribute to threat detection improvements, including refining behavioral indicators and intelligence structuring.
o Develop behavioral detections with the Anomali Query Language (AQL)
Required Skills
o BSc/BEng in Computer Science, Cybersecurity or equivalent experience in lieu of degree
o Basic knowledge of malware analysis techniques, including dynamic/static analysis, sandboxing, and unpacking.
o Experience with triaging False Positives and False Negatives, ensuring accurate threat classifications.
o Familiarity with scripting languages (e.g., Python, Bash, or PowerShell) to automate malware analysis and intelligence workflows.
o Understanding of OPSEC principles and secure research practices, particularly in handling malware execution.
o This poistion is not eligible for employment visa sponsorship. The successful candidate must not now, or in the future require visa sponsorship to work at our Belfast location.
Desired Skills
o Experience with reverse engineering tools such as IDA Pro, Ghidra, or Radare2.
o Hands-on experience using sandbox environments (e.g., Cuckoo, Any.Run, VMRay, or Joe Sandbox) for malware behavior analysis.
o Basic understanding of network security concepts, including traffic analysis, PCAP inspection, and C2 detection.
o Prior experience with Threat Intelligence Platforms (TIPs) such as ThreatStream, MISP, or OpenCTI.
o Web scraping and automation experience, preferably using Python, to collect and structure intelligence data.
Benefits
Salary
o Competitive Salary
Medical
o Private Healthcare Plan
o Dental Plan
o Optical Plan
Work-Life Balance
o Paid Public Holidays
o Accrued Paid Time Off – 25 days
o Quarterly event with your Geographic Team
Equal Opportunities Monitoring
It is our policy to ensure that all eligible persons have equal opportunity for employment and advancement on the basis of their ability, qualifications and aptitude. We select those suitable for appointment solely on the basis of merit without regard to an individual's disability, race, religion, sex, age or sexual orientation. Monitoring is carried out to ensure that our equal opportunity policy is effectively implemented.
If you are interested in applying for employment with Anomali and need special assistance or accommodation to apply for a posted position, contact our Recruiting team at [email protected].