Threat Intel Researcher

Remote from the United States

Corvus Insurance

Corvus empowers brokers to predict and prevent complex cyber risks. We offer Smart Cyber Insurance® policies paired with data-driven risk prevention tools.


We’re united by a mission: to make the world a safer place. Corvus Insurance uses novel data and artificial intelligence/machine learning to achieve better insights into commercial insurance risk. Our software empowers brokers and policyholders to better predict and prevent complex claims through data-driven tools and Smart Commercial Insurance® policies. This allows us to reduce or eliminate the impact of adverse events, creating a safer world for everyone. Drawing inspiration from the intelligent, tool-building corvid family of birds, we are a team of high-flying collaborative builders. We’re excited to meet you. Spread your wings and soar with us.

This role will start fully remote, but will transition to a hybrid schedule in June 2025 (3 days/week in office, 2 days/week remote). We have several office locations in most states.

Who You Are

You spend your free time crawling ransomware leak sites, hacking forums, and the deepest areas of the dark web. Where others see just a new vulnerability to be patched, you see an opportunity to learn more about the vulnerability and jump into OSINT tools to identify how many systems across the globe are impacted. You believe at your core that the right information can inform the best action to mitigate risk, and you want to be the driving force behind that. 

Because, above everything else, you’re passionate about turning information into actionable intelligence to protect tens of thousands of organizations at scale.

This position will start in a fully remote setting, but will likely transition to a hybrid schedule within the next year.

Role Summary

As a Threat Intel Researcher, your efforts work to protect all Corvus policyholders. You will support the Threat Intel team in monitoring the threat landscape for emerging vulnerabilities, attack trends, and techniques. With a focus on actionable intelligence, you will identify emerging risks and create targeted alerts and remediation steps that will be sent to impacted policyholders.

The Threat Intel Researcher will work closely with the Threat Intel Manager on research and development projects to expand Corvus’ Threat Intel visibility and build new capabilities to support company objectives. You will report to the Head of Threat Intel and work closely with our Risk Advisory, Data Science, and Engineering teams to continuously improve our ability to inform and protect our policyholders against emerging threats.

Responsibilities

  • Monitor the threat landscape for emerging threats, including new vulnerabilities, attack techniques, and trends.

  • Work with OSINT tools like Shodan, Censys, and large data sets to fingerprint vulnerable systems.

  • Prepare written alerts to Corvus policyholders on emerging vulnerabilities with an emphasis on mitigation techniques.

  • Support threat intel research projects through detailed research and tool development.

  • Work with other internal teams to support data enrichment and risk detection capabilities.

  • Support the internal security team with internal initiatives and investigative support where needed.

What you'll bring to the flock:

  • 2-3 years of experience conducting threat intel research, supporting/performing incident response, red teaming, threat hunting, or similar related experience.

  • Experience navigating TOR, Telegram, and dark web forums. An established dark web persona preferred.

  • 2+ years of scripting/programming experience (e.g., Python, Ruby, Rust, etc.).

  • Experience with vulnerability assessment and analysis.

  • 1 year of experience with SQL or other query languages, e.g., SQL, SparkQL, GraphQL.

  • Experience with OSINT tools like Shodan, Censys, Wappalyzer, ZoomEye.

  • Knowledge and passion for tracking current security trends, threats, and mitigations.

  • Familiarity with nation-state, financially motivated, and hacktivist threat actors.

  • Excellent written and oral communication skills with the ability to write/present to less technical audiences.

  • Demonstrated sense of ownership, urgency, and accountability.


Tags: Artificial Intelligence Incident response Machine Learning Monitoring OSINT Python Red team Ruby Rust Scripting SHODAN SOAR SQL Vulnerabilities

Perks/benefits: Team events

Region: Remote/Anywhere
