: Vice President, Threat Intelligence

Can you use Open-source intelligence (OSINT) to infer the security posture of an organization? Do you find reverse-engineering malware fascinating?

Security Scorecard is looking to hire an experienced Leader and expert in Cyber Threat Research and Intelligence. Our scores all begin with this team, and the signals we collect. This team owns the conception of novel signals to infer the security posture of organizations, their collection techniques, as well as collecting that data at scale. This role will report directly to the SVP of Technology.

Responsibilities

  • Lead a team of Cyber Threat Researchers & Software Engineers
  • Conceive novel signals that infer the security posture of organizations
  • Continuously monitor the security landscape for new attack vectors
  • Respond to requests for ad-hoc reporting and research topics
  • Develop and refine cyber-threat intelligence collection and analysis processes
  • Present relevant findings to both technical and non-technical audiences
  • Manage relationships with 3rd party data vendors
  • Establish industry cyber leadership and law enforcement relationships
  • Plan and deliver initiatives on time and on budget

Key Attributes

  • Bias towards action. Why wait until tomorrow if something can be done today?
  • Coding skills in a higher order language such as Python (must have)
  • Expert in malware reverse-engineering techniques
  • Expert in understanding and analyzing threat actor capabilities and methodologies
  • Focused on customers and their needs
  • Metrics, data, and results oriented
  • Experience communicating and partnering with different levels of product organizations
  • Strong strategy and program planning skills
  • Published findings (a big plus)

 Our Company Values 

  • S: Solution-focused : we value people who come up with solutions, and not just point out problems.
  • C : Customer-centric is a crucial value we constantly keep in mind. We ask ourselves in each meeting how is what we are doing making customer lives better?
  • O : One Scorecard - We value people who have no ego, and want to win as a team.
  • R: Resilience - This is a hard road, and not an easy road : you need to cultivate the same resilience in the rest of your team.
  • E : Embody Security DNA- The more you learn about cybersecurity, the more you will be able to influence the company. We value people who are passionate about cybersecurity.

About SecurityScorecard:

SecurityScorecard's SaaS based platform enables enterprises to instantly rate and understand the security risk of companies, non-intrusively and from an outside-in perspective. We use an A-F rating scale. Companies with a C, D or F rating are 5 times more likely to be breached or face compliance penalties than companies with an A or B rating.

Our platform is used by hundreds of customers for use-cases including self monitoring, vendor risk management, cyber insurance, board reporting, and M&A. Headquartered in New York City, we are funded by top investors like Sequoia Capital, Google Ventures, NGP, Moodys, Intel, and others. Our vision is to create a new language for companies and their partners to communicate, understand, and improve each others security posture.

SecurityScorecard was founded in 2013 by two former security leaders, Dr. Aleksandr Yampolskiy and Sam Kassoumeh, who were respectively, the CISO and Head of Security and Compliance at a large e-commerce retailer, Gilt Groupe. Dr. Yampolskiy, who has a PhD in cryptography, was also the CTO of BlogTalkRadio/Cinchcast and has held lead technology and security roles at Goldman Sachs, Oracle, and Microsoft. Mr. Kassoumeh also led Global Security at Federal-Mogul and has over ten years of cybersecurity experience. Together they were perplexed at the lack of visibility into risks involved in both their own environment and those who they needed to trust with sensitive information in order to conduct business. They wanted to find a way to see what hackers see.

Additional Information

SecurityScorecard embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skillsets, ideas, and perspectives. We make hiring decisions based upon merit and do not discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.

Full-time