Global Threat Intelligence Researcher

We believe that work and the workplace should be joyful and always buzzing with energy one of India’s most trusted Cyber security product companies, is on a mission to build the world’s fastest and most reliable AI technology that identifies and resolves digital threats in real-time. The central proposition is leveraging Artificial Intelligence and Machine Learning to create a quick and reliable analysis and alert system that provides rapid detection across multiple internet sources, precise threat analysis, and prompt resolution with minimal human intervention. Founded in 2015, headquartered at Singapore, we are proud to say that we’ve grown at a frenetic pace and have been able to achieve some accolades along the way, including: CloudSEK XVigil constantly maps a customer’s digital assets, identifies threats, and enriches them with cyber intelligence, and then provides workflows to manage and remediate all identified threats, including takedown support. A powerful Attack Surface Monitoring tool that gives visibility and intelligence on customers’ attack surfaces. CloudSEK's BeVigil uses a combination of Mobile, Web, Network, and Encryption Scanners to map and protect known and unknown assets. CloudSEK’s Contextual AI SVigil identifies software supply chain risks by monitoring Software, Cloud Services, and third-party dependencies. Expanded operations to India, Southeast Asia, and the Americas. ~Won the NASSCOM-DSCI Excellence Award for Security Product Company of the Year. ~Awards & Recognition : Won NetApp Excellerator's "Best Growth Strategy Award," CloudSEK XVigil joined NVIDIA Inception Program, and won the NASSCOM Emerge 50 Cybersecurity Award. ~Secured $19 million in funding led by Tenacity Ventures, Commvault. Are you a cybersecurity enthusiast who enjoys detective work and applying it to real-world threat tracking? Do you thrive on correlating rapidly evolving cybersecurity incidents and tech innovations, aspiring to build an AI-proof career? We are seeking a highly motivated and analytical Threat Intelligence Researcher to join our Global Threat Intelligence Team . The researcher will focus on tracking global threat activity , including ransomware operations , cybercrime ecosystems, etc., through a combination of infrastructure analysis , IAV (Initial Access Vector) mapping , and cyber HUMINT source development . The role requires a strong grasp of MITRE ATT&CK , MITRE Engage , the Diamond Model , and the Cyber Kill Chain , applied in operational and strategic research contexts. Perform e-crime and underground forum research to identify, profile, and map threat actors (TAs), their infrastructure, tools, and tradecraft. Execute infrastructure hunting campaigns focusing on APT and e-crime C2 frameworks , leveraging passive DNS, TLS certificates, and web fingerprinting techniques. Develop and maintain cyber HUMINT sources , focusing on early warning, infiltration, and intelligence collection aligned with organisational goals. Apply analytical models such as MITRE ATT&CK , MITRE Engage , Diamond Model , and Cyber Kill Chain to develop structured threat intelligence outputs. Produce tactical, operational, and strategic intelligence reports with actionable recommendations for global stakeholders. Required Skills & Experience: ~3+ years of experience in threat intelligence , malware analysis , threat hunting , or digital investigations . ~ Proven experience in tracking ransomware groups , access brokers , or APT campaigns through open-source, dark web, and technical telemetry. ~ Deep understanding of MITRE ATT&CK , MITRE Engage , Diamond Model , and Cyber Kill Chain frameworks. ~ Practical experience with IAV analysis , including exploitation of vulnerabilities, phishing, and social engineering vectors. ~ Strong OSINT and technical investigation skills (Shodan, Censys, FOFA, Netlas, VirusTotal, Hybrid Analysis, etc.). ~ Experience in cyber HUMINT or engagement within closed threat actor communities is a strong plus. ~ Ability to synthesise complex datasets into coherent, high-quality intelligence products. ~ Background in incident response , reverse engineering , or network analysis . Experience with Python or automation scripting for data enrichment and infrastructure correlation. Prior contributions to threat research publications , advisories, or CTI community initiatives.