Threat Intelligence Researcher

We are looking for a Threat Intelligence Researcher who can analyze cyber threats and turn technical data into clear, useful insights. You will work closely with a team and clients, create reports, and build simple tools or scripts (mainly in Python) to improve how data is collected and analyzed. This role requires strong problem-solving skills, good communication, teamwork, and taking responsibility for delivering results.
About the team
You will join a team of threat intelligence researchers focused on investigating cyber threats, tracking threat actors, and producing actionable intelligence. The team works closely with other groups to collect data, analyze trends, and improve tools and processes for faster and more accurate insights. Daily work includes research, reporting, and collaboration to deliver intelligence that supports customers and business decisions.
About the Role
We are seeking an analytical and experienced Threat Intelligence Researcher to join our team. This is a technical role that necessitates bridging the gap between traditional intelligence analysis and software engineering principles.
You will be responsible for producing strategic and technical intelligence reports and developing automation and scripting solutions for the team.
Specifically, your focus will be on:

• Intelligence Reporting: Conduct in-depth investigations and produce comprehensive reports based on customer requests.
• Client Engagement: Participate in customer-facing meetings as required to present findings or gather requirements.
• Tool Development: Design, implement, and maintain internal tools, scripts, and data scrapers (primarily utilizing Python) to streamline data collection and analysis.
• Actionable Intelligence Production: Convert raw technical data into finished, actionable intelligence products, including detailed technical reports, the creation of YARA/Sigma rules, and executive-level briefings.

The skills and qualities you will bring include:

• Technical Expertise: Possess a robust background in cybersecurity and threat intelligence research.
• Programming Proficiency: Demonstrated proficiency in Python, Go, or C++, with a particular emphasis on developing automation or data processing pipelines.
• Analytical Acumen: Proven ability to synthesize disparate data points to construct a cohesive and accurate intelligence picture.
• Professional Communication: Exceptional technical writing skills and the capability to present complex findings to stakeholders with clarity and professional gravity.
• Accountability: Ownership by holding self and others responsible for driving outcomes and meeting commitments that deliver value for the business and customers.
• Adaptability & Automation Mindset: Comfortable navigating change and ambiguity, with a proactive approach to improving efficiency by automating manual tasks and streamlining team workflows.
• Language Proficiency: Fluent written and verbal communication skills in English.
• Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success.

Preferred Skills

• Demonstrated familiarity with the MITRE ATT&CK framework.
• Active engagement within the security research community (e.g., participation in CTFs, publishing blog posts, or contributing to open-source projects).
• Highly articulate, written, and verbal English communication.
• Comprehensive understanding of the threat intelligence landscape, including Advanced Persistent Threats (APTs), Initial Access Brokers (IABs), and their Modus Operandi.
• Familiarity with the Dark Web and the cybercrime forum ecosystem.

We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
#LI-SIM
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome.
Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.