SpyCloud
Cybersecurity
SecurityResearcherIII(Phishing)
Neural analysis suggests this role is
optimal for Mid candidates.
“Security Researcher III (Phishing) at SpyCloud. Skills: Phishing-as-a-Service (PhaaS) kit analysis, AiTM, Device Code phishing, Human intelligence techniques, Deep and dark net data access, Data science, Security research. Locate, target and recapture data from Phishing-as-a-Service (PhaaS) kits using a combination of human intelligence and platform sourcing. Apply data science techniques to understand the quality of sourced data, in order to refine and improve the PhaaS data sourcing pipeline”
What You'll Achieve.
Disrupt the criminal underground; Thwart cyberattacks; Protect accounts worldwide; Enable data collection at scale; Refine and improve the PhaaS data sourcing pipeline; Support customers and business objectives; Support SpyCloud’s priorities
Industry & Context.
Critical thinker; Collaborative problem solving; Problem-solvers
What They're Looking For.
Must Have
3+ year(s) experience as a cybersecurity researcher, analyst, or similar cybersecurity related position, Working knowledge of modern PhaaS kits and techniques, inducing AiTM and Device Code phishing, Working knowledge of the criminal underground and how to access data traded through the deep and dark net, Experience with human intelligence techniques including elicitation, persona management, and direct threat actor engagement, Critical thinker that is comfortable supporting collaborative problem solving in a team environment, Excellent communication skills, Highly curious, empathetic, flexible and self-directed, Experience working in a remote work environment with team members all around the world, A passion for thwarting bad actors in the cyber criminal ecosystem
Nice to Have
Experience with a high-level programming language like Python, Rust, Go, Experience working with large enterprises in delivery of security analytics products, Experience in using data science to analyze datasets for the purposes of detecting fraud or cyberthreats, Experience with databases (relational or NoSQL), Experience automating data collection and analysis with a programming language, Experience working with industry peers and sharing information in a secure manner, Experience using AI/LLMs to perform data analysis tasks with large datasets, Experience scraping data from deep and dark web
What You'll Do.
target and recapture data from Phishing-as-a-Service (PhaaS) kits using a combination of human intelligence and platform sourcing
Apply data science techniques to understand the quality of sourced data
in order to refine and improve the PhaaS data sourcing pipeline
Perform human intelligence techniques such as managing multiple alternate personas
and social engineering in support of data recapture efforts
Participate in the drafting of research blogs and analytical products to support customers and business objectives
Participate in security research including investigation of threat actors
and other critical research in support of SpyCloud’s priorities
How You'll Work.
Team & Collaboration
Work closely with teams across the organization to build applications and processes that enable data collection at scale; Supporting collaborative problem solving in a team environment; Experience working with industry peers and sharing information in a secure manner
Communication Scope
Excellent communication skills; Drafting of research blogs and analytical products
Full Job Description
SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud’s solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you’re driven to align your career with a fantastic mission, look no further! SpyCloud is looking for a self-driven Security Researcher to join our team and participate in our research initiatives that drive SpyCloud’s tailored intelligence collection. You will work closely with teams across the organization to build applications and processes that enable data collection at scale. What You'll Do Data Collection: Locate, target and recapture data from Phishing-as-a-Service (PhaaS) kits using a combination of human intelligence and platform sourcing. Data Analysis: Apply data science techniques to understand the quality of sourced data, in order to refine and improve the PhaaS data sourcing pipeline. Human Intelligence: Perform human intelligence techniques such as managing multiple alternate personas, actor engagements, and social engineering in support of data recapture efforts. Security Analysis: Participate in the drafting of research blogs and analytical products to support customers and business objectives. Security Research: Participate in security research including investigation of threat actors, PhaaS, and other critical research in support of SpyCloud’s priorities. Requirements 3+ year(s) experience as a cybersecurity researcher, analyst, or similar cybersecurity related position. Working knowledge of modern PhaaS kits and techniques, inducing AiTM and Device Code phishing. Working knowledge of the criminal underground and how to access data traded through the deep and dark net. Experience with human intelligence techniques including elicitation, persona management, and direct threat actor engagement. Critical thinker t
Applying for this Security Researcher III (Phishing) role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Greenhouse
- Create a Greenhouse profile before applying — it saves time across multiple applications.
- Upload your resume as a PDF; the parser handles it better than Word.
- Answer all knockout questions carefully — wrong answers auto-reject before a human sees you.
- Enable email notifications to track application status in real time.
ANONYMOUS · UNFILTERED
What do employees actually say about SpyCloud?
Real rants from real employees. Read before you apply.