Red Canary

Senior Cloud Security Researcher

Remote

Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries

Position Overview

  • Location Type:
  • Job Type:
  • Salary:

Red Canary is a cybersecurity company dedicated to protecting organizations from cyber threats. We empower businesses to make better security decisions, allowing them to focus on their mission without fear. Our market-defining technology and expertise prevent breaches and set a new standard for partnership in the industry. We are committed to our customers and grounded in our values, recognized as a Best Place to Work.

What We Believe In

  • Do what’s right for the customer
  • Be kind and authentic
  • Deliver great quality
  • Be relentless

Challenges You'll Solve

The Red Canary Intelligence Team analyzes threats to help prioritize detection and response efforts. As a key contributor, you will investigate raw telemetry, analyze threats, and conduct open-source research to associate activity with known adversaries. A significant focus is on researching identity-based threat actors and cloud-targeted TTPs across infrastructure services (AWS, GCP, Azure) and platform services (Okta, EntraID, Kubernetes). Curiosity, adaptability, and a passion for addressing evolving threats are vital for success in this dynamic, mission-driven team.

The role requires strong collaboration, outstanding communication, and experience in open-source threat research. A solid understanding of cyber threat intelligence and adversary behaviors is essential, alongside proficiency in analytical and problem-solving skills.

Responsibilities

  • Research known and emerging threats with cloud and SaaS providers, including AWS, GCP, Azure, Office 365, and Google Workspaces.
  • Investigate telemetry and malicious activity to identify threats, provide context, and guide detection and response decisions.
  • Collaborate with Engineers and Data Scientists to ensure relevant data from Cloud and Identity telemetry sources are properly stored and indexed for historical analysis at scale.
  • Conduct open and closed-source research to associate suspicious activity with known threats and communicate threats of concern to customers.
  • Process and analyze patterns and trends in detections and write actionable intelligence products to track TTPs, detection coverage, and remediation strategies.
  • Define and analyze new activity clusters based on analysis of malicious and suspicious behaviors observed across our customer base.
  • Produce intelligence reports and communicate actionable insights based on analysis, both internally and externally to customers and the community.
  • Actively engage with internal teams, external partners, customers, and the infosec community to share knowledge and enhance collaboration.
  • Respond to customer questions about threats to help them understand their threat model and what matters to them.
  • Stay updated on emerging threats, suggest workflow improvements, and support customers in understanding and responding to their specific threat models.

Requirements

  • Experience in open-source threat research.
  • Strong collaboration and communication skills.
  • Solid understanding of cyber threat intelligence and adversary behaviors.
  • Proficiency in analytical and problem-solving skills.

Note: If you bring a mix of these skills, we encourage you to apply—even if you don’t meet every requirement. The role will adapt to the person who joins.

Skills

Cloud Security
Threat Intelligence
Open-source Research
AWS
GCP
Azure
Okta
EntraID
Kubernetes
Cyber Threat Analysis
Adversary Behavior
Analytical Skills
Problem-Solving
Communication
Collaboration

Red Canary

Managed detection and response cybersecurity services

About Red Canary

Red Canary provides Managed Detection and Response (MDR) services to help businesses protect their digital assets from cyber threats. Their services include continuous monitoring and expert analysis, which involve collecting and analyzing telemetry data to identify potential security issues in real-time. They focus on Endpoint Detection and Response (EDR) to address threats at the individual device level and conduct ongoing security operations to ensure the effectiveness of their measures. Red Canary stands out from competitors by emphasizing measurable outcomes, using behavioral analytics to detect critical threats, and offering 24/7 expert investigation to minimize false positives. Their subscription-based model allows clients to benefit from ongoing security improvements and support, with the goal of reducing risk and enhancing security for various industries.

Denver, ColoradoHeadquarters
2013Year Founded
$126.4MTotal Funding
SERIES_CCompany Stage
CybersecurityIndustries
201-500Employees

Benefits

Health Insurance
Dental Insurance
Vision Insurance
Mental Health Support
Unlimited Paid Time Off
Parental Leave
Health Savings Account/Flexible Spending Account
Remote Work Options
Stock Options

Risks

Rise of macOS-targeted malware like 'Cthulhu Stealer' poses new threats to clients.
Sophistication of malware-as-a-service platforms requires continuous adaptation of strategies.
Rapid growth in Africa's tech ecosystem presents resource management challenges for Red Canary.

Differentiation

Red Canary offers 24/7 expert threat investigation to filter out false positives.
The company uses behavioral analytics to identify critical threats efficiently.
Red Canary's automated playbooks streamline response actions for improved security posture.

Upsides

Red Canary achieved 50% year-over-year growth in enterprise customer segment in Q3 FY25.
The release of Security Data Lake enhances MDR capabilities with cost-efficient storage.
Todd Chronert's appointment as CRO is expected to drive growth and strengthen partnerships.

Land your dream remote job 3x faster with AI