Principal Windows Security Researcher - EDR
Reports to: Senior Manager, Product Research
Location: Remote US and Canada
Compensation Range: $195,000 to $210,000 base plus bonus and equity
What We Do:
Founded in 2015 as a fully remote company by former NSA cyber operators, Huntress was built on a simple premise: to force hackers to earn every inch of their access.
Today’s cyber-attacks aren’t limited to large organizations with the security tools that can ward off threats. Hackers don't discriminate and will find a way to penetrate any vulnerability in any size business, which is why Huntress focuses on protecting those small to midsize businesses that make up the backbone of our economy.
Huntress stops hidden threats that sneak past preventive security tools by utilizing our award-winning security platform and expert human threat hunters through dynamic products, including Managed EDR, MDR for Microsoft 365, and Managed Security Awareness Training.
Join the hunt and help us stop hackers in their tracks!
About the Role:
The Huntress Threat Operations team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. As a Principal Security Researcher, we’re looking for someone who wants to pour all of their creativity into building and implementing simple solutions that are disproportionately effective at countering these constantly evolving threats. Competitive candidates have experience managing, deploying, and securing environments utilizing a wide variety of security software, best practices, and automation tools. Familiarity with product management, incident response, host-based threat hunting, malware analysis, configuration management, antivirus technologies, and managed service provider tools are additional ways to differentiate yourself.
As you can imagine, success doesn’t happen in a vacuum. An effective Principal Security Researcher fosters highly collaborative environments between the Product, Engineering, and Threat Operations teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision that ultimately delivers our most impactful features and capabilities.
We defend over 2.5 Million endpoints across 100,000+ mid-sized and small business customers, and that number continues to grow each month. Considering this market’s tighter budget, it’s not financially possible to dedicate human analysts to each client. The R&D team addresses this challenge head-on by building and scaling highly automated efficiencies—often lightly augmented by our Threat Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.
Roles and Responsibilities:
- Identify innovative ways to detect Windows OS threats
- Develop cross-platform features that leverage telemetry from common OS subsystems such as file system, memory, process, and network activity
- Research and development of sensor capabilities to provide visibility and detection support for attack techniques across supported Windows OS versions
- Work collaboratively to implement detection logic
- Identify and evaluate new telemetry opportunities
- Identify and address gaps in product coverage
- Respond to product escalations
- Perform False Positive and False Negative investigations
- Lead product research initiatives to develop and evaluate security product strategies and technologies
- Coordinate with Product and Engineering teams to integrate and operationalize solutions developed by Threat Operations teams
- Develop internal and external technical documentation to educate customers and communicate research findings to adjacent teams about security risks and opportunities
- Mentor and teach technical expertise to advance the broader community
- Promote Huntress’ reputation through media interaction, public speaking, CFPs, CTFs, and blogs
Qualifications:
- Expert in Windows OS internals, components, APIs, and design
- Prior experience with Windows OS kernel coding and device drivers
- Experience testing EDRs, bypasses, and evasion techniques
- Comfortable reverse engineering and using debuggers
- Proficiency in multiple programming/scripting languages, such as C/C++/C#, PowerShell, and Python
- Commitment to clear documentation of research findings
- Experience with MITRE ATT&CK matrix, SIGMA, Yara, and Elasticsearch/Kibana
What We Offer:
- 100% remote work environment - since our founding in 2015
- Generous paid time off policy, including vacation, sick time, and paid holidays
- 12 weeks paid parental leave
- Highly competitive and comprehensive medical, dental, and vision benefits plans
- 401(k) with 5% contribution regardless of employee contribution
- Life and Disability insurance plans
- Stock options for all full-time employees
- One-time $500 reimbursement to build/upgrade home office
- Annual allowance for education and professional development assistance
- $75 USD/month digital reimbursement
- Access to both Udemy and BetterUp platforms for coaching, personal, and professional growth
Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.
We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.
We do discriminate against hackers who try to exploit small businesses.
Accommodations:
If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or participating in the employee selection process, please direct your inquiries to [email protected]. Please note that non-accommodation requests to this inbox will not receive a response.
If you have questions about your personal data privacy at Huntress, please visit our privacy page.
#BI-Remote