Principal, Cyber Intelligence

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event.

Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to­shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency

Compensation: $120K-$150K

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event.

Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to­ shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations.

We are not just building a company. We are forging a culture of collaboration, innovation, and unwavering commitment to the needs of our clients, partners, and colleagues. We are dedicated to fostering an environment where every member feels valued, empowered, and driven towards collective growth. Our values provide our foundation — teamwork, tenacity and empathy.

You are a highly motivated and experienced Principal, Cyber Intelligence professional. You have demonstrated professional progression and hands-on experience with synthesizing multiple intelligence sources to support threat collection, analysis, and data visualization to provide situational awareness of the current and emerging cyber threat landscape. You have a strong awareness of cybersecurity, data analytics, digital forensics and incident response, SOC (Security Operations Center) operations, threat hunting, and/or a combination of the above. 

You have a passion for leveraging cyber intelligence data to enable more informed data-backed security decisions and are not afraid to jump in and assist wherever needed to support, guide, and mentor other team members and the Surefire Cyber mission. You are excited to play a critical part in shaping the way we understand adversaries’ motives, intentions, and methods as we seek to change the incident response model in the cyber insurance market.

In this role, you will play a critical part in advancing Surefire Cyber’s cyber intelligence capabilities by transforming complex, multi-source threat data into clear, actionable intelligence that informs incident response, security strategy, and risk decisions. You will provide situational awareness of current and emerging threats by analyzing adversary behavior, motives, and techniques, supporting DFIR, SOC, and threat hunting teams during active incidents and proactive engagements alike.

Your work will directly influence how we respond to cyber events and how we partner with the cyber insurance ecosystem to improve outcomes. As a senior contributor, you will also mentor and guide team members, elevate analytical tradecraft, and help shape how cyber intelligence is operationalized across the organization—leading by example through collaboration, curiosity, and a willingness to step in wherever your expertise is needed to support the Surefire Cyber mission.

Surefire Cyber is actively looking for a seasoned Principal in Cyber Intelligence who possesses an investigative mindset to join our rapidly expanding Incident Response (IR) startup. In this role, you will directly report to our Chief Insights Officer (CIO) and collaborate closely with cross-functional teams, including Cyber Advisory and service delivery teams. Your engagement extends to external client stakeholders, where your expertise will play a crucial role in translating in-depth cyber threat research and analysis into actionable insights. This alignment is key to supporting the overall Surefire Cyber resilience roadmap.

• Collaborate closely with the CIO, digital forensics, and incident response teams.
• Work with the CIO, Cyber Advisory, and Response services teams to determine intelligence needs and requirements.
• Ensure data accuracy and produce daily Cyber Threat Intelligence (CTI) reports.
• Work with engagement leads and project managers to ensure accurate data collection from Surefire IR cases. 
• Produce well-written actionable reports for stakeholders and clients.
• Conduct in-depth research, data collection, and analysis on current and emerging cyber threats.
• Regularly conduct rigorous research, analyze, and correlate time-sensitive intelligence data from multiple data sets, including open-source outlets.
• Support the Surefire Cyber Response services team in investigations.
• Analyze threat intelligence alerts and reports on Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs).
• Manage multiple high-level and competing priorities.
• Ensure cyber threat intelligence needs and requests are met in a timely manner.
• Work closely with the CIO to evaluate current and emerging technologies and techniques.
• Stay current on best practices for tracking advanced persistent threats.
• Develop well-informed solutions and maintain awareness of identified patterns of tracked activity threats.
• Create, maintain, and enhance a solution for cyber threat intelligence dashboards, reports, and metrics.
• Interpret findings and proactively communicate threat awareness to stakeholders.
• Translate technical and non-technical intelligence data to produce reports/publications.
• Deliver presentations on the importance of cyber threat intelligence findings, including relevant information on threat groups to diverse audiences such as internal stakeholders and clients.

• Bachelor’s degree in a relevant field (cybersecurity, computer science, information security) or comparable real-world experience. Proven success in analytical, intelligence, or security-focused roles such as Cyber Threat Intelligence Analyst, Forensic Analyst, Security Engineer, Cybersecurity Consultant, or related positions.
• Previous experience in working in a cybersecurity organization, or professional services firm in a client-facing role. 
• In-depth knowledge of cybercrime and the cybersecurity incident response lifecycle. 
• Up to date on the latest research and trends in the cyber threat landscape, and familiarity with reporting from cybersecurity researchers, vendors, and open-source outlets. 
• Experience in deploying and analyzing data from technical security controls, including web proxy, firewalls, IPS, IDS (Intrusion Detection System), mail content scanning tools, antivirus solutions, network analyzers, and other host-based protection solutions.
• Experience reviewing the attack surface of organizations to produce actionable intelligence including the use of dark web personas.
• Experience with data analysis, data visualization, and/or business intelligence software. 
• Strong problem-solving abilities with an investigative and collaborative mindset. 
• Excellent communication (written, verbal, presentation) and experience in composing well-written reports/publications, and documentation. 

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.  

• Submit interest by applying to the job posting or submit your resume to [email protected] 
• Preliminary phone interview with a member from the People Team (approx., 30 minutes)
• Submission of written sample of work e.g. an intelligence report or blog or create a written sample based on a provided scenario.
• Virtual interview with hiring leader Chief Insights Officer, (approx., 45 minutes)
• Virtual interview with other Technology, Advisory and/or Response team members, (approx., 45 minutes)
• Virtual interview with the CEO (Chief Executive Officer) (approx., 30 minutes)

Please note that we reserve the right to modify the process at any time.

• Competitive compensation plan and total rewards package for team members.
• Remote workforce.
• Generous paid time off plan and floating holidays.
• Paid parental leave.
• Employer paid premiums for both team members and their dependents for medical, dental, and vision.
• Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending. Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
• Professional development and career advancement opportunities.
• We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances. 

#LIRemote