Data Science Lead, RQ

In this role, you’ll get to...

• Model Development: Lead design and implementation of probabilistic and statistical models for loss magnitude, frequency, and attack path likelihood
• Data Leadership: Expand and curate ThreatConnect’s risk data sets, including loss event data, CVE data (KEV, EPSS), MITRE ATT&CK coverage, control posture data, and third-party risk data
• Player-Coach: Mentor a team of data scientists while remaining hands-on with modeling, code reviews, and experimentation
• Cross-Functional Collaboration: Partner with Product, Engineering, and Threat Intelligence teams to operationalize models in RQ
• Innovation: Research and apply advanced methods (Bayesian modeling, ML techniques) to continuously improve prediction accuracy and coverage
• Quality & Governance: Ensure model transparency, explainability, and defensibility for customer and regulatory review. Lead the development of algorithmic models for CRQ, including threat likelihood, loss magnitude, control efficacy, and scenario simulation
• AI: Guide the implementation of AI-enhanced modeling (e.g., LLMs, pattern mining) to support automation of risk scenario development and decision support

In the first month, we’ll expect you to...

• Get up to speed on RQ’s current modeling architecture and data sets
• Meet with Product teams to understand roadmap priorities and customer needs
• Review and document the current loss and attack model coverage and gaps

At 3 months we’ll expect you to...

• Deliver a prioritized roadmap for model improvements and new datasets to onboard
• Stand up team operating rhythm (standups, backlog grooming, code review practices)
• Deliver quick wins: Improved loss data normalization, updated attack-path models for top ATT&CK techniques

At 6 months we’ll expect you to...

• Release at least one new or improved model into production (e.g., ransomware loss distribution, control effectiveness model)
• Onboard additional data sources (loss event feeds, industry benchmarks, third-party telemetry)
• Document model assumptions and publish an internal “Model Handbook” for transparency

At 12 months we’ll expect you to...

• Establish repeatable pipelines for model training, validation, and deployment
• Expand team capabilities (hire additional data scientists or analysts as needed)
• Deliver measurable improvements to RQ outputs (accuracy, coverage, speed)
• Present results to leadership, highlighting the ROI of improved models and datasets

Required Qualifications

• 7+ years of experience in applied data science, quantitative modeling, or algorithm development
• Strong understanding of cybersecurity principles, threat actor behavior, or risk frameworks (e.g., NIST CSF, MITRE ATT&CK, FAIR)
• Proven ability to build and deploy risk or predictive models in enterprise environments
• Proficiency in Python and familiarity with modeling libraries (e.g., NumPy, PyMC3, scikit-learn)
• Experience with Git, Jira, and modern ML ops pipelines
• Strong communication and storytelling skills for technical and non-technical audiences

Desired Qualifications

• Experience building CRQ models in alignment with FAIR or related frameworks
• Familiarity with simulating attack paths, graph-based reasoning, or control validation
• PhD or advanced degree in data science, computer science, engineering, or related field
• Experience with integrating models into SaaS platforms or cloud-native environments
• Background in red/blue teaming, SOC data, or adversary emulation is a plus