Senior Threat Intelligence Researcher

Overview

We’re a team of ex-Google engineers who built some of the largest defensive platforms on the planet — Safe Browsing and reCAPTCHA. Now, we’re striking out on our own to tackle an even bigger challenge: stopping the new wave of adversarial AI attacks already hitting organizations today.

We're going after a $5B+ market, ripe for disruption. Traditional detection methods are too slow to keep up. Adversaries are using AI to craft customized, high-evasion attacks — and old-school rules-based systems don’t stand a chance.

The Role

We are seeking a Senior Threat Intelligence Analyst to join our growing team. This role blends hands-on investigation of phishing, BEC, and malware campaigns with research and thought leadership that advances the broader cybersecurity community.

You will lead investigations into real-world email threats, contribute directly to detection improvements, and publish high-quality analysis (blogs, whitepapers, presentations) to establish AegisAI as a leader in the space.

This is a high-impact, customer-facing and industry-facing role where your research will shape our product roadmap and thought leadership strategy.

This role goes beyond triaging alerts:

• You’ll investigate and reverse-engineer real-world email attacks.

• Identify patterns and trends in attacker behavior and translate those insights into improvements for our detection systems.

• Collaborate with engineering to shape how our AI models adapt to emerging threats.

• Produce written reports and analysis that we can share publicly, helping raise the bar for email security as an industry.

• Investigate Campaigns: Analyze phishing, BEC, and malware-based campaigns to uncover attacker infrastructure, TTPs, and trends.

• Detection Improvement: Collaborate with engineering and data science teams to feed intelligence into our AI detection models and automation workflows.

• Malware & Artifact Analysis: Perform static and dynamic analysis of malicious files, links, and payloads using sandbox and forensic tools.

• Customer & Partner Engagement: Provide actionable threat insights to customers and support investigations with clear, executive-ready reporting.

• Threat Intelligence Publications: Write blogs, advisories, and industry-facing research reports that highlight emerging threats and novel findings.

• Community Engagement: Represent AegisAI at conferences, webinars, and industry events to share insights and build credibility.

• Playbooks & Knowledge Sharing: Document attack patterns, build runbooks, and share learnings with internal teams and the wider security community.

Who You Are

• 7+ years of cybersecurity experience, with at least 3–4 years focused on threat intelligence and investigations.

• Hands-on experience in email security investigations (phishing, BEC, spam campaigns).

• Strong knowledge of malware analysis tools and methodologies (sandboxing, static/dynamic analysis, reverse engineering basics).

• Track record of published threat research (blogs, papers, advisories, or conference presentations).

• Excellent written and verbal communication skills — able to translate technical findings into impactful narratives for both executives and security professionals.

• Familiarity with frameworks such as MITRE ATT&CK, and threat intel platforms like MISP or Recorded Future.

Bonus

• Prior public presentations at security conferences (SANS, FS-ISAC, Black Hat, mWISE, etc.).

• Experience engaging with journalists or industry analysts on emerging threats.

Our culture

• Flat, flexible, and fast.

• You’ll own your decisions.

• You’ll have clear KPIs for success — but how you get there is up to you.

• Development cycles are measured in days, not weeks.

• If you’re hungry to build AI that fights AI, and want to work with a team that moves at the speed of the real world, come talk to us.