Senior Threat Analyst
Halcyon
The Role:
Halcyon’s mission is to redefine what a security product can deliver. To support this, we are seeking a highly skilled Senior Threat Analyst with deep technical expertise in malware reversing and detection engineering. This role is critical to advancing our detection and prevention capabilities, ensuring broad coverage of emerging threats while eliminating false positives. The right candidate will help keep our customers safe from the latest ransomware and malware families without impacting legitimate business operations.
Responsibilities Monitor and analyze security events to detect, investigate, and escalate potential incidents. Correlate data across multiple sources to identify malicious activity and patterns. Triage and assess events to determine impact, contain incidents, and drive threat remediation. Reverse engineer Windows PE files and other malicious binaries using static and dynamic techniques to uncover capabilities, persistence methods, and indicators of compromise (IOCs). Design, develop, and maintain internal tools to support threat triage, correlation, and research (log parsers, incident tracking systems, custom sandboxes, etc.). Conduct malware analysis in disassemblers, debuggers, and sandbox environments to understand payloads, infection chains, and evasion techniques. Research and track evolving ransomware techniques, publishing findings to improve detection logic and response processes. Collaborate closely with Engineering and Customer Success to improve product resilience and ensure smooth customer communication during security events. Skills and Qualifications 10+ years of experience Proficiency in malware reversing, with demonstrated expertise in analyzing Windows PE files, unpacking obfuscated samples, and extracting behavioral and static indicators. Hands-on experience with Yara, Python, and scripting languages (PowerShell, Batch, Bash/Shell). Advanced knowledge of static and dynamic analysis using tools such as IDA Pro, Ghidra, x64dbg, WinDbg, and Cuckoo or similar sandboxes. Familiarity with EDR evasion techniques, persistence mechanisms, and exploitation methods. Cloud exposure preferred: AWS experience (cloud log analysis, EC2/S3 security, threat hunting in cloud environments). Proven track record in cyber threat research, malware analysis, or security operations. Strong collaboration and communication skills, with the ability to explain technical findings to both technical and non-technical stakeholders.
Responsibilities Monitor and analyze security events to detect, investigate, and escalate potential incidents. Correlate data across multiple sources to identify malicious activity and patterns. Triage and assess events to determine impact, contain incidents, and drive threat remediation. Reverse engineer Windows PE files and other malicious binaries using static and dynamic techniques to uncover capabilities, persistence methods, and indicators of compromise (IOCs). Design, develop, and maintain internal tools to support threat triage, correlation, and research (log parsers, incident tracking systems, custom sandboxes, etc.). Conduct malware analysis in disassemblers, debuggers, and sandbox environments to understand payloads, infection chains, and evasion techniques. Research and track evolving ransomware techniques, publishing findings to improve detection logic and response processes. Collaborate closely with Engineering and Customer Success to improve product resilience and ensure smooth customer communication during security events. Skills and Qualifications 10+ years of experience Proficiency in malware reversing, with demonstrated expertise in analyzing Windows PE files, unpacking obfuscated samples, and extracting behavioral and static indicators. Hands-on experience with Yara, Python, and scripting languages (PowerShell, Batch, Bash/Shell). Advanced knowledge of static and dynamic analysis using tools such as IDA Pro, Ghidra, x64dbg, WinDbg, and Cuckoo or similar sandboxes. Familiarity with EDR evasion techniques, persistence mechanisms, and exploitation methods. Cloud exposure preferred: AWS experience (cloud log analysis, EC2/S3 security, threat hunting in cloud environments). Proven track record in cyber threat research, malware analysis, or security operations. Strong collaboration and communication skills, with the ability to explain technical findings to both technical and non-technical stakeholders.
Benefits:
Halcyon offers the following benefits to eligible employees:
Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
401k plan with a generous employer contribution.
Short and long-term disability coverage, basic life and AD&D insurance plans.
Medical and dependent care FSA options.
Flexible PTO policy.
Parental leave.
Generous equity offering.
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
Base Salary Range: $175,000- $200,000, 10% bonus, and equity.
Confirmar seu email: Enviar Email
Todos os Empregos de Halcyon