Halcyon

Threat Analyst

Location Type: Remote

Location: Remote • 🇺🇸 United States

Salary

💰 $175,000 - $200,000 per year

Job Level

Senior, Lead

Tech Stack

Cloud, Cyber Security, Python

About the role

  • Monitor and analyze security events to detect, investigate, contain, and escalate potential threats. Correlate data across multiple sources to identify malicious activity and patterns.
  • Triage and assess events to determine impact, contain incidents, and drive threat remediation.
  • Reverse engineer Windows PE files and other malicious binaries using static and dynamic techniques to uncover capabilities, persistence methods, and indicators of compromise (IOCs).
  • Design, develop, and maintain internal tools to support threat triage, correlation, and research (log parsers, incident tracking systems, custom sandboxes, etc.).
  • Conduct malware analysis in disassemblers, debuggers, and sandbox environments to understand payloads, infection chains, and evasion techniques.
  • Research and track evolving ransomware techniques, publishing findings to improve detection logic and response processes.
  • Collaborate closely with Customers, Incident Response, Engineering and Customer Success to improve product resilience and ensure smooth customer communication during security events.

Requirements

  • 10+ years of combined experience in reverse engineering, detection engineering, threat research, incident response, or security operations-related roles.
  • High proficiency in malware reversing, with demonstrated expertise in analyzing Windows PE files, unpacking obfuscated samples, and extracting behavioral and static indicators.
  • Experience with Artificial Intelligence / Machine Learning methodologies and their practical use cases to enhance cybersecurity strategies and operational efficiency.
  • Hands-on experience with YARA, Python, and scripting languages (PowerShell, Bash/Shell, Batch).
  • Advanced knowledge of static and dynamic analysis using tools such as IDA Pro, Ghidra, x64dbg, WinDbg, and Cuckoo or similar sandboxes.
  • Familiarity with EDR evasion techniques, persistence mechanisms, and exploitation methods.
  • Cloud Service Provider experience preferred (cloud log analysis, security, threat hunting in cloud environments).
  • Proven track record in cyber threat research, malware analysis, or security operations.
  • Strong collaboration and communication skills, with the ability to explain technical findings to both technical and non-technical stakeholders.

Benefits

  • Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
  • 401k plan with a generous employer contribution.
  • Short and long-term disability coverage, basic life and AD&D insurance plans.
  • Medical and dependent care FSA options.
  • Flexible PTO policy.
  • Parental leave.
  • Generous equity offering.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

reverse engineering, malware analysis, detection engineering, threat research, incident response, security operations, malware reversing, static analysis, dynamic analysis, cloud log analysis

Soft skills

collaboration, communication, technical explanation