Cyber Threat Researcher

Full Time

Job Title: Cyber Threat Researcher
Location: Santa Barbara, CA or Remote


Job Summary: 

Join our robust cyber threat hunt & research team. The mission of our Cyber Threat Research team (CTR) is to support MixMode’s customers and the development of the MixMode platform from a security threat landscape perspective. Our CTRs are experts in the cybersecurity field and, in particular, the current threat landscape. The knowledge of this group is leveraged by MixMode product, marketing and sales teams as well as our partners and customers. We are looking to add an experienced senior member to this team.

What you’ll be doing:

  • Maintain continual posture of understanding, documenting and educating MixMode on the current threat landscape.
  • Research and discover emerging threats with a view towards helping craft MixMode’s approach to detect these threats.
  • Serve as a company resource for education and proactive dissemination of cybersecurity industry news, events & best practices.
  • Work closely with the MixMode Product Management team to develop approaches to detection that align with the evolving threat landscape.
  • Work closely with MixMode’s marketing team to develop messaging, blog posts and other written artifacts that support MixMode’s approach to detecting evolving threats.
  • Work closely with the MixMode Sales Engineering team to support the demonstration and discussion of our approaches to detecting these evolving threats.
  • Developing and curating intel for the MixMode platform from multiple sources
  • Performing threat-hunting activities on customer datasets to uncover malicious activity that can be published as CVEs and intel
  • Assisting customers with understanding novel attacks that the MixMode AI uncovers
  • Analyzing and understanding exploit proliferation in gray markets
  • Producing organized, clearly communicated intelligence reports that can be consumed by Product, Sales, and Marketing teams
  • Working closely with external partners in support of cyber threat intelligence activities
  • Ability to present findings at conferences or events on research and interesting items in cyber security

What you’ll need to bring (job requirements):

  • Minimum 10+ years of cyber security experience focused on research, offensive and defensive capabilities, threat intelligence and/or incident response/reverse engineering. US Federal Government agency experience desired.
  • Experience with multiple Open Source and proprietary threat feeds
  • Packet capture analysis and decoding skills
  • Prior published CVEs and/or threat actor attribution experience a plus
  • Experience developing intel and curating threat feeds, including IDS signatures, YARA rules, JA3 signatures, and traditional IOCs
  • Comfortable in python, bash, and PowerShell
  • Deep understanding of Linux/unix and Windows from an administrative and threat model perspective
  • Research experience for publishing detailed analysis of malware, tactics, techniques, and procedures of adversaries
  • OT/IOT threat landscape experience a plus
  • Significant experience in cybersecurity and/or networking technology domains.
  • Familiarity with various cybersecurity exploitation tools and methodologies, common malware families, and antivirus evasion techniques.
  • Experience with modeling and demonstrating cybersecurity exploits in a lab environment for demonstration purposes.
  • Working knowledge of industry frameworks (MITRE, Cyber Killchain, etc).
  • CISSP or other security qualifications desired (not required).
  • Excellent written and verbal communication skills.
  • Able to articulate technical knowledge without technical jargon.
  • Creativity, positivity & the ability to think critically and problem solve.
  • Experience working with virtualized environments (VMWare, Hyper-V, etc.).
  • Experience working with networking technologies such as SPAN & TAP.
  • Experience working with public cloud environments (AWS, Azure, GPC etc.).
  • Educated in technology, computer science. B.S. in technical degree preferred.

Other things we’d love to see (nice-to-haves):

  • Passion and focus on cybersecurity.
  • Dedication to client service. Motivated by exceeding expectations and solving tough technical problems.
  • Positivity, willingness and a can-do attitude.
  • Initiative – able to act without being told what to do. Finding answers to problems independently and bringing new ideas to your client interactions.
  • Avid learner – our product is always evolving and so your technical knowledge must also.
  • High-energy, proven level of high performance in previous studies or professional work.
  • Ability to shift focus, multi-task and help solve problems or a number of clients in a sequential fashion.
  • Ability to perform repetitive detailed technical tests in a high-velocity, constantly busy and demanding environment.

Compensation and benefits are competitive based on industry standards. Benefits for full-time team members include:

  • Healthcare (Medical, Dental, Vision)
  • Basic Life and AD&D (option to purchase additional Voluntary Life Insurance)
  • Flexible Spending Account (FSA)
  • Employee Assistance Program
  • 401(k) with employer match
  • Paid Holidays & Flexible Paid Time Off (PTO)

About MixMode:

MixMode is a no-rules-required Cybersecurity platform, serving large enterprises with big data environments across a variety of industries. MixMode delivers a patented, self-learning platform that acts as the Cybersecurity Intelligence Layer℠ to detect both known and unknown attacks, including novel attacks designed to bypass legacy cyber defenses. This is accomplished in real-time, across any cloud or on-premise data stream. Trusted by global entities in banking, public utilities and government sectors, industry cyber leaders rely on MixMode to protect their most critical assets. The platform dramatically improves the efficiency of SOC teams previously burdened with writing and tuning rules and manually searching for attacks. The MixMode platform can be deployed remotely, with no appliances, in under an hour with business outcomes evident within days. Backed by PSG and Entrada Ventures, the company is headquartered in the heart of downtown Santa Barbara, CA. Although we do have physical offices, our employees enjoy a remote-first work culture. Learn more at

Please note: MixMode does not accept unsolicited resumes from recruiters or employment agencies. In the event of a recruiter or agency submitting a resume or candidate without a signed agreement being in place, we explicitly reserve the right to pursue and hire such candidates without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted directly to hiring managers, are deemed to be the property of MixMode.


Apply for this position

We've received your resume. Click here to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status

Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 5/31/2023
Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition. Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson's disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression
Please check one of the boxes below:

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Human Check*