Arctic Wolf

Staff Threat Intelligence Researcher

  • Posted an hour ago

Job Description

At Arctic Wolf, you will not just watch the cybersecurity industry evolve – you will help lead the change. Our global team is made up of people who thrive on solving complex problems, moving quickly, and building technology that protects organizations around the world. We are proud to be recognized by Forbes, CNBC, Fortune, CRN, Gartner Peer Insights, and International Data Corporation MarketScape. What matters most is the work behind these recognitions: delivering real outcomes for customers through award-winning innovation such as our Aurora Platform.

If you are looking for meaningful work, smart teammates, and the opportunity to make a real impact in a high-growth company that is redefining security operations, Arctic Wolf is the right place for you.

Our mission is simple: End Cyber Risk.

We are looking for a Staff Threat Intelligence Researcher to help achieve this mission.

The Staff Threat Intelligence Researcher will contribute to our Threat Intelligence organization by leading advanced cyber threat intelligence research and translating adversary insights into measurable defensive outcomes. This role focuses on deep technical analysis, adversary tracking, intelligence-driven detection, and operational collaboration to improve threat visibility, detection coverage, and incident response effectiveness across the organization.

As a senior technical authority, this role will shape intelligence methodologies, establish analytical standards, mentor peers, and deliver actionable intelligence that directly strengthens Arctic Wolf's security operations and customer protection capabilities.

In This Role, You Will

  • Lead and contribute to threat actor, malware family, and campaign tracking by correlating malware samples, infrastructure, delivery mechanisms, and adversary tradecraft
  • Conduct end-to-end cyber threat intelligence research aligned with established frameworks such as the Cyber Threat Intelligence lifecycle, MITRE ATT&CK, and the Diamond Model
  • Perform static and dynamic malware analysis across malicious binaries, scripts, and document-based delivery mechanisms
  • Investigate malicious network infrastructure and command-and-control activity by pivoting across domains, Internet Protocol addresses, certificates, and related artifacts
  • Translate intelligence findings into actionable detection and threat hunting logic using technologies such as YARA, Sigma, and Suricata
  • Analyze Windows or macOS internals including application programming interfaces, obfuscation techniques, system calls, and execution behaviors
  • Apply advanced open-source intelligence techniques, pivoting methodologies, and enrichment across multiple intelligence platforms and data sources
  • Research Deep Web ecosystems including crimeware-as-a-service and ransomware-as-a-service operations
  • Analyze and correlate large-scale datasets using technologies such as Structured Query Language, Python, or Excel to extract actionable intelligence insights
  • Develop automation and enrichment workflows using scripting languages such as Python
  • Partner closely with Security Operations Center and Managed Detection and Response teams to operationalize intelligence into detection, triage, and response workflows
  • Support Request for Intelligence workflows by delivering timely and actionable intelligence to operational teams
  • Provide escalation support for high-confidence threat events, including enrichment, attribution context, and recommended response actions
  • Contribute real-time intelligence support during active incidents and investigations
  • Develop intelligence-to-detection feedback loops that improve coverage and operational visibility
  • Create scalable intelligence dissemination methods including alerts, intelligence briefs, and knowledge base updates
  • Standardize analytical frameworks, intelligence validation practices, and operational research methodologies
  • Publish technical research, tradecraft methodologies, blogs, whitepapers, or present at industry workshops and conferences

You Will Be Successful In This Role If

  • You are recognized as a technical authority within one or more adversary ecosystems such as ransomware, financially motivated crimeware, or nation-state operations
  • You have strong experience in cyber threat intelligence research, adversary tracking, and intelligence analysis
  • You have hands-on experience applying threat intelligence to detection engineering, threat hunting, incident response, or threat modeling
  • You have experience with malware analysis tooling, host telemetry, and network telemetry analysis
  • You possess strong knowledge of modern threat intelligence frameworks and methodologies
  • You have experience translating intelligence into measurable operational outcomes and defensive improvements
  • You are comfortable working independently within highly ambiguous and rapidly evolving threat environments
  • You have strong analytical, communication, and problem-solving skills
  • You have experience mentoring peers and shaping technical standards within research organizations
  • You are passionate about improving intelligence-driven security operations and defensive capabilities

Nice To Have

  • Experience publishing threat research, whitepapers, or presenting at industry conferences
  • Experience collaborating with external intelligence-sharing communities or trusted industry partners
  • Experience building scalable threat intelligence workflows and operational frameworks
  • Familiarity with large-scale telemetry analysis and data science methodologies
  • Experience automating intelligence workflows and enrichment pipelines

What Success Looks Like

  • Improved detection effectiveness and operational visibility across Arctic Wolf security platforms
  • Actionable intelligence that directly strengthens incident response, threat hunting, and detection engineering outcomes
  • Measurable improvements in detection coverage and escalation quality through intelligence-led enhancements
  • Reduced response times and increased operational efficiency for threat intelligence support workflows
  • Development of scalable methodologies, analytical standards, and intelligence validation practices
  • High-confidence intelligence reporting that improves customer security outcomes and organizational threat awareness

Do not meet all the requirements? That is okay. We still encourage you to apply. We have many opportunities and are always looking for strong talent.

On-Camera Policy

To support a fair, transparent, and engaging interview experience, candidates interviewing remotely are expected to be on camera during all video interviews. Being on camera fosters authentic connection, improves communication, and allows for full engagement from both candidates and interviewers. We understand that technical, bandwidth, or location-related challenges may occasionally prevent video use. If this applies, candidates are required to notify us in advance so we can explore appropriate accommodations.

At Arctic Wolf, we foster a collaborative and inclusive work environment that thrives on diversity of thought, background, and culture. This is reflected in our multiple awards, including Top Workplace United States, Best Places to Work United States, Great Place to Work Canada, Great Place to Work United Kingdom, and Kununu Top Company Germany. Our commitment to bold growth and shaping the future of security operations is matched by our dedication to customer satisfaction, with over 10,000 customers worldwide and more than 2,000 channel partners globally. As we continue to expand and enhance our technology, Arctic Wolf remains a trusted name in the industry.

Our Values

Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion and value the unique perspectives all employees bring to the organization. By protecting sensitive data and working to end cyber risk, we contribute to an industry that serves the greater good.

We celebrate diverse perspectives through our Pack Unity program and encourage employees to participate in or create new alliances.

We also believe in corporate responsibility and have joined the Pledge One Percent movement to give back to our communities.

All Employees Receive Compelling Compensation And Benefits Packages, Including

  • Equity for all employees
  • Flexible annual leave, paid holidays, and volunteer days
  • Training and career development programs
  • Comprehensive private benefits plan including medical insurance for you and your family, life insurance equal to three times compensation, and personal accident insurance
  • Fertility support and paid parental leave

Arctic Wolf is an equal opportunity employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under applicable law. We are committed to fostering a welcoming, accessible, and inclusive environment.

Security Requirements

  • Conduct duties in accordance with Arctic Wolf information security policies, standards, and controls
  • Background checks are required for this position
  • This role may require access to information protected under United States export control laws and regulations

Job ID: 148314185