[Remote] Threat Analyst
Note: The job is a remote job and is open to candidates in USA. Socket is a company that helps developers and security teams ship faster by minimizing security busywork. They are seeking a Threat Analyst to join their Threat Research Team, where the role involves tackling software supply chain threats and enhancing malware analysis using AI-based tools.

Responsibilities
• Analyze numerous unique threats daily, maintaining a standard of quality that sets the industry benchmark for supply chain security
• Author high-impact technical blog posts on malicious open source code packages and extensions, and publish deep-dive research pieces on malicious campaigns, threat actor profiles, novel attack vectors, and ecosystem-wide trends
• Design and build automated scripts and tools to streamline malware analysis, enhancing our data collection, threat analysis, and threat hunting workflows
• Partner with our engineering team to integrate your research into our core product, turning manual insights into scalable, real-time protection
• Leverage expertise in open source software ecosystems to enhance security across package registries, browser extensions (Chrome/VS Code), and proactively monitor GitHub/GitLab for emerging malicious campaigns
• Track APT (Advanced Persistent Threat) adversaries, characterizing various TTPs (Tactics, Techniques, and Procedures), capabilities, infrastructure, and campaigns

Skills
• 3+ years of work experience and a master's degree in computer science, engineering, or a related field (or equivalent experience)
• Technical experience across several areas of security operations, including investigations, incident response and management, digital forensics, malware analysis, reverse engineering, threat intelligence, threat hunting, and detection engineering
• Excellent communication skills and the ability to assess the relevance and impact of threats
• Experience building tools for automation, data collection, and threat hunting
• Passion for open source and code
• Familiarity with TypeScript/JavaScript and/or other programming languages and ecosystems protected by Socket
• Experience leveraging LLMs or AI-based tools for threat detection

Company Overview
• Socket is a developer-first security platform that protects your most critical apps from software supply chain attacks. It was founded in 2020, and is headquartered in Stanford, California, USA, with a workforce of 51-200 employees. Its website is

Company H1B Sponsorship
• Socket has a track record of offering H1B sponsorships, with 1 in 2024. Please note that this does not guarantee sponsorship for this specific role.