Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world!
About the Role:
Our Threat Intelligence Team is seeking a Senior Adversary Hunter who will hunt for, identify, and analyze the tools, techniques, and capabilities that adversaries develop to disrupt ICS/OT systems and devices across critical infrastructure sectors. You will serve as a technical specialist in understanding how threat actors build and deploy their arsenals against industrial environments—from custom malware and exploits to novel attack methodologies and tradecraft. In this role, you will partner closely with our Adversary Hunters and collaborate with teams across the organization to provide critical intelligence on adversary capabilities that inform detection strategies, threat assessments, and customer advisories. You will maintain and develop your own tools and scripts for capability identification and analysis, with opportunities to productize these solutions for internal use across Dragos, enhancing our collective ability to understand and defend against evolving threats to critical infrastructure.
Responsibilities:
- Contribute to the development of complex features that enhance system performance, reliability, and usability.
- Author design documentation for small-to-medium projects, collaborating closely with threat hunt, research, intelligence, product and engineering teams.
- Support technical excellence by refining coding standards, building processes and testing frameworks.
- Diagnose and resolve complex defects, delivering robust solutions independently.
- Communicate progress clearly, present demos, and coordinate timely feature releases within the team.
- Support multiple Threat Groups and TATs concurrently, contributing to WorldView reporting and Synapse-based assessments.
- Assist in representing the team in Year in Review and webinars, preparing materials and supporting senior SMEs.
- Improve and document analysis methodologies, identify opportunities for automation in Synapse, and recommend solutions to visibility gaps in telemetry and data sources.
- Apply expertise in network telemetry tools (e.g., NetFlow, Censys, Shodan) and file-based analysis platforms (e.g., VirusTotal, Joe Sandbox) to support threat hunting and adversary tracking.
- Utilize Synapse and Storm Query Language for data modeling, threat hunting, and investigative workflows, while contributing to improvements in data interrogation tools.
- Contribute to external intel-sharing relationships aligned with assigned industries, supporting senior staff in fostering collaboration.
- Provide hunting support during surge events and incident response engagements, including triage under supervision.
Qualifications:
- 2–3 years of experience in Capabilities Development, Threat Hunting, Network-Based Intrusion Analysis, Vulnerability Analysis, and/or Detections Development.
- Experience with software development in C#, Python, or similar languages.
- Familiarity with pivoting across the Diamond Model, all stages of the Kill Chain, and MITRE ATT&CK.
- Strong report writing skills, with experience producing technical intelligence reports for operational teams and customer-facing audiences.
- Demonstrated knowledge of adversarial Threat Groups, including tactics, techniques, procedures, and the adversary lifecycle.
- Experience contributing to cross-functional projects and collaborating with internal and external teams.
- Knowledge of network analysis and common malware functionality and operations.
Compensation:
- Salary: $135,000
- Competitive Equity Package
- Comprehensive Benefits Plan
#LI-JF1 #LI-REMOTE
Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.
Top Skills
Similar Jobs
What you need to know about the Boston Tech Scene
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
