Dragos

Dragos is a computer and network security company specializing in industrial cybersecurity, incident response, threat intelligence, and security software. Past flexible jobs at Dra

Senior OT Threat Hunter

Location

Australia

Posted

67 days ago

Salary

A$150K / year

Seniority

Senior

Job Description

Senior OT Threat Hunter

Dragos

Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization: running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world!

About the Role:

As a Senior OT Threat Hunter on the OT Watch team, you will play a key role in delivering Dragos’ proactive threat hunting service, focused on identifying adversary activity within customer OT environments using the Dragos Platform. Leveraging deep visibility into OT networks and your industrial domain expertise, you will uncover sophisticated threats and help drive continuous improvements to the threat hunting program. You will independently lead hunt operations, serve as an escalation point for the team, and collaborate closely with Intelligence, Services, Product, and Engineering partners to enhance detections and overall capabilities. You will also act as a trusted advisor to customers during critical security events, providing clear, actionable guidance grounded in technical analysis.

Responsibilities:

- Lead independent, hypothesis-driven threat hunting operations across customer ICS/OT environments, investigating suspicious network behaviors to identify adversaries, anomalies, and misconfigurations.
- Serve as the primary escalation point for high-severity events detected in the Dragos Platform, guiding OT Hunters and Security Analysts through triage, analysis, and response.
- Communicate critical findings directly to customers, providing clear, actionable remediation guidance and confidently addressing technical questions during security events.
- Tune and optimize Dragos Platform configurations and distributed hunt profiles to improve detection fidelity, reduce noise, and validate detection triggers based on operational findings.
- Develop and refine original hunt hypotheses, content, and workflows, and provide structured feedback to Detection Engineering and Intelligence teams to enhance detections, IOCs, and threat intelligence outputs.
- Contribute to operational reporting and incident summaries, support custom reporting needs, and mentor junior team members to promote technical rigor, knowledge sharing, and continuous improvement across the team.

Qualifications:

- 5+ years of experience in threat hunting, security monitoring, or incident response within ICS/OT environments.
- Strong understanding of networking concepts (e.g., TCP/IP, firewalls, DNS, packet analysis) and OT-specific protocols (e.g., Modbus, DNP3, EtherNet/IP).
- Experience with PCAP analysis, IDS/IPS, SIEM platforms, or other network traffic analysis tools in an OT context.
- Deep familiarity with adversary tactics, techniques, and procedures (TTPs) relevant to OT environments, including MITRE ATT&CK for ICS.
- Familiarity with threat intelligence workflows, including consumption and feedback loops with intelligence and detection engineering teams.
- Proven ability to communicate complex security findings to clients and internal stakeholders, both verbally and in writing.
- Experience acting as a technical escalation point or senior contributor in a security operations or threat hunting context.
- Ability to work independently and lead efforts in a remote, distributed team environment.

Compensation:

- Salary: 150,000 AUD
- Competitive Equity Package
- Comprehensive Benefits Plan

#LI-JF1 #LI-REMOTE

Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.

Related Job Pages

More Threat Intelligence Specialist Jobs


Threat Intelligence Researcher

Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.

Full Time | Remote | Team 1,001-5,000 | Since 2000 | H1B Sponsor

We are looking for a Threat Intelligence Researcher who can analyze cyber threats and turn technical data into clear, useful insights. You will work closely with a team and clients, create reports, and build simple tools or scripts (mainly in Python) to improve how data is collected and analyzed. This role requires strong problem-solving skills, good communication, teamwork, and taking responsibility for delivering results.

About the team

You will join a team of threat intelligence researchers focused on investigating cyber threats, tracking threat actors, and producing actionable intelligence. The team works closely with other groups to collect data, analyze trends, and improve tools and processes for faster and more accurate insights. Daily work includes research, reporting, and collaboration to deliver intelligence that supports customers and business decisions.

About the Role

We are seeking an analytical and experienced Threat Intelligence Researcher to join our team. This is a technical role that bridges traditional intelligence analysis and software engineering principles. You will be responsible for producing strategic and technical intelligence reports and developing automation and scripting solutions for the team. Specifically, your focus will be on:

- Intelligence Reporting: Conduct in-depth investigations and produce comprehensive reports based on customer requests.
- Client Engagement: Participate in customer-facing meetings as required to present findings or gather requirements.
- Tool Development: Design, implement, and maintain internal tools, scripts, and data scrapers (primarily in Python) to streamline data collection and analysis.
- Actionable Intelligence Production: Convert raw technical data into finished, actionable intelligence products, including detailed technical reports, YARA/Sigma rules, and executive-level briefings.

The skills and qualities you will bring include:

- Technical Expertise: A robust background in cybersecurity and threat intelligence research.
- Programming Proficiency: Demonstrated proficiency in Python, Go, or C++, with a particular emphasis on developing automation or data processing pipelines.
- Analytical Acumen: Proven ability to synthesize disparate data points to construct a cohesive and accurate intelligence picture.
- Professional Communication: Exceptional technical writing skills and the capability to present complex findings to stakeholders with clarity and professional gravity.
- Accountability: Holding yourself and others responsible for driving outcomes and meeting commitments that deliver value for the business and customers.
- Adaptability & Automation Mindset: Comfortable navigating change and ambiguity, with a proactive approach to improving efficiency by automating manual tasks and streamlining team workflows.
- Language Proficiency: Fluent written and verbal communication skills in English.
- Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success.

Preferred Skills

- Demonstrated familiarity with the MITRE ATT&CK framework.
- Active engagement within the security research community (e.g., participation in CTFs, publishing blog posts, or contributing to open-source projects).
- Highly articulate written and verbal English communication.
- Comprehensive understanding of the threat intelligence landscape, including Advanced Persistent Threats (APTs), Initial Access Brokers (IABs), and their modus operandi.
- Familiarity with the Dark Web and the cybercrime forum ecosystem.

We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
#LI-SIM

Israel
Job Closed
Full Time | Remote | Team 51-200 | Since 2009 | H1B No Sponsor

• Analyze and classify web malware: PHP shells, JavaScript injectors, WordPress backdoors, SEO spam, redirectors, cryptominers, and other threats targeting the hosting ecosystem
• Reverse-engineer obfuscated PHP and JavaScript to understand attacker techniques and extract detection patterns
• Write and refine PCRE-based detection signatures for our scanning engine; precision matters, and false positives erode customer trust
• Maintain processing SLAs as part of a globally distributed team providing round-the-clock malware coverage
• Research emerging threats: new CMS exploitation techniques, supply-chain attacks on plugins/themes, zero-day delivery methods

Brazil
Job Closed

Principal Threat Intelligence Analyst (Night Shift)

Sibylline Ltd

Sibylline is a leading strategic risk consultancy, delivering timely, accurate, relevant and actionable intelligence.

Full Time | Remote | Team 201-500 | Since 2010 | H1B No Sponsor

Company Description

About Sibylline

Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010 we have supported businesses, governments and NGOs by providing high-quality risk analysis, due diligence and consultancy services. The firm provides an innovative, entrepreneurial and fast-growing working environment, offering employees ever greater exposure to high-profile clients and challenges. Sibylline offers fantastic opportunities for career progression within a successful company, and we aim to help our employees build their own personal profiles as well-regarded analysts within the broader industry.

Key attributes of Sibylline employees are:

- Self-motivated, self-improving individuals who can couple initiative and boldness with good judgement
- Excellent written and spoken English
- Clarity of thought and analytical flair
- Strong, demonstrable interest in security and intelligence
- The ability to work under pressure, demonstrate leadership when required, but also be able to collaborate effectively in teams
- Excellent attention to detail

Job Description

Position Summary

The Principal Threat Intelligence Analyst/Lead Threat Intelligence Analyst is a senior member of Sibylline’s Threat Intelligence Unit (TIU), responsible for leading reporting efforts, managing analysts, and driving innovation in intelligence methodologies and tooling. As a Principal Analyst, you will lead product development, client engagements, and contribute to strategic direction across the TIU. Operating within a dynamic and fast-paced environment, you will be responsible for leading high-quality intelligence outputs, managing tailored client requests, and supporting the development of standing and bespoke products and SOPs. This is a full-time remote role in the UK requiring night shift work, with flexibility to work weekends and public holidays as part of the shift rotation. This role may require working outside standard hours based on client needs, including up to a 24/7 schedule. Occasional travel to the office will also be required for training, events, or administrative purposes.

Essential Functions / Responsibilities

- Lead reporting and produce all TIU products to exceptional standards with minimal editing
- Perform editing and proofing duties, mentor analysts on writing style and standards, and lead desk-level training
- Lead training on intelligence methodologies and structured analytic techniques
- Train analysts on Sibylline/3rd party technology, including visualisation software, data manipulation, and ASTRA
- Collaborate and innovate in the use of data within reporting
- Lead product development and cross-desk initiatives
- Lead client scoping calls and manage tailored intelligence projects
- Deliver internal and external presentations, including GIT training sessions and client briefings
- Act as a point of contact for media requests and represent Sibylline at external events
- Provide line management for analysts and senior analysts within the team

Knowledge, Skills, and Abilities

- Exceptional writing, editing, and analytical skills for shaping high-quality intelligence products
- Demonstrated experience/interest in covering geopolitical topics
- Deep expertise in intelligence methodologies, advanced technical proficiency with monitoring tools, and experience leading training sessions
- Proficient in intelligence monitoring and data visualisation tools (e.g., Dataminr, Navigator)
- Strong leadership and mentoring abilities with a strategic mindset
- Skilled in managing multiple priorities under pressure in 24/7 operational environments
- Experienced in client engagement, including leading scoping calls and delivering tailored intelligence
- High competency with Microsoft Office and analytical software
- Extensive background in threat intelligence, geopolitical analysis, or security operations across corporate, government, or consultancy settings
- Familiarity with mass notification systems and social media monitoring tools
- Proven ability to lead editorial processes and develop team capabilities
- Ability to manage complex client requirements and cross-desk initiatives

Qualifications

- Bachelor's degree in Security Studies, International Relations, War Studies, Criminal Justice, or a related field; or equivalent professional experience
- Minimum 3 years of experience in threat intelligence, geopolitical analysis, or security operations
- Ability to work flexible hours, including evenings, weekends, and holidays as operational needs dictate. Schedule may include rotating shifts and on-call responsibilities to ensure continuous coverage.

Additional Information

Interview Process

- Initial call with our Talent Acquisition team member
- Timed written assessment (arranged at a time that suits you) to test writing and analytical capability
- Panel interview with some of the team members and hiring managers at Sibylline

Research indicates that certain groups are less likely to apply for a position unless they meet every single requirement. If you feel you meet some of the requirements and can offer a unique perspective to this role, we strongly encourage you to apply; you might be the perfect fit we're looking for!

Sibylline is committed to the recruitment and selection of candidates without regard for sexual orientation, gender, ethnicity, age, political beliefs, culture, and lifestyle. We are committed to fostering a business culture that reflects these values and promotes equal opportunity.

United Kingdom

Principal Threat Intelligence Analyst

Sibylline Ltd

Sibylline is a leading strategic risk consultancy, delivering timely, accurate, relevant and actionable intelligence.

Full Time | Remote | Team 201-500 | Since 2010 | H1B No Sponsor

Company Description

About Sibylline

Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010 we have supported businesses, governments and NGOs by providing high-quality risk analysis, due diligence and consultancy services. The firm provides an innovative, entrepreneurial and fast-growing working environment, offering employees ever greater exposure to high-profile clients and challenges. Sibylline offers fantastic opportunities for career progression within a successful company, and we aim to help our employees build their own personal profiles as well-regarded analysts within the broader industry.

Key attributes of Sibylline employees are:

- Self-motivated, self-improving individuals who can couple initiative and boldness with good judgement
- Excellent written and spoken English
- Clarity of thought and analytical flair
- Strong, demonstrable interest in security and intelligence
- The ability to work under pressure, demonstrate leadership when required, but also be able to collaborate effectively in teams
- Excellent attention to detail

Job Description

Position Summary

The Principal Threat Intelligence Analyst/Lead Threat Intelligence Analyst is a senior member of Sibylline’s Threat Intelligence Unit (TIU), responsible for leading reporting efforts, managing analysts, and driving innovation in intelligence methodologies and tooling. As a Principal Analyst, you will lead product development, client engagements, and contribute to strategic direction across the TIU. Operating within a dynamic and fast-paced environment, you will be responsible for leading high-quality intelligence outputs, managing tailored client requests, and supporting the development of standing and bespoke products and SOPs. This is a full-time remote role in the UK requiring day shift work, with flexibility to work weekends and public holidays as part of the shift rotation. This role may require working outside standard hours based on client needs, including up to a 24/7 schedule. Occasional travel to the office will also be required for training, events, or administrative purposes.

Essential Functions / Responsibilities

- Lead reporting and produce all TIU products to exceptional standards with minimal editing
- Perform editing and proofing duties, mentor analysts on writing style and standards, and lead desk-level training
- Lead training on intelligence methodologies and structured analytic techniques
- Train analysts on Sibylline/3rd party technology, including visualisation software, data manipulation, and ASTRA
- Collaborate and innovate in the use of data within reporting
- Lead product development and cross-desk initiatives
- Lead client scoping calls and manage tailored intelligence projects
- Deliver internal and external presentations, including GIT training sessions and client briefings
- Act as a point of contact for media requests and represent Sibylline at external events
- Provide line management for analysts and senior analysts within the team

Knowledge, Skills, and Abilities

- Exceptional writing, editing, and analytical skills for shaping high-quality intelligence products
- Demonstrated experience/interest in covering geopolitical topics
- Deep expertise in intelligence methodologies, advanced technical proficiency with monitoring tools, and experience leading training sessions
- Proficient in intelligence monitoring and data visualisation tools (e.g., Dataminr, Navigator)
- Strong leadership and mentoring abilities with a strategic mindset
- Skilled in managing multiple priorities under pressure in 24/7 operational environments
- Experienced in client engagement, including leading scoping calls and delivering tailored intelligence
- High competency with Microsoft Office and analytical software
- Extensive background in threat intelligence, geopolitical analysis, or security operations across corporate, government, or consultancy settings
- Familiarity with mass notification systems and social media monitoring tools
- Proven ability to lead editorial processes and develop team capabilities
- Ability to manage complex client requirements and cross-desk initiatives

Qualifications

- Bachelor's degree in Security Studies, International Relations, War Studies, Criminal Justice, or a related field; or equivalent professional experience
- Minimum 3 years of experience in threat intelligence, geopolitical analysis, or security operations
- Ability to work flexible hours, including evenings, weekends, and holidays as operational needs dictate. Schedule may include rotating shifts and on-call responsibilities to ensure continuous coverage.

Additional Information

Interview Process

- Initial call with our Talent Acquisition team member
- Timed written assessment (arranged at a time that suits you) to test writing and analytical capability
- Panel interview with some of the team members and hiring managers at Sibylline

Research indicates that certain groups are less likely to apply for a position unless they meet every single requirement. If you feel you meet some of the requirements and can offer a unique perspective to this role, we strongly encourage you to apply; you might be the perfect fit we're looking for!

Sibylline is committed to the recruitment and selection of candidates without regard for sexual orientation, gender, ethnicity, age, political beliefs, culture, and lifestyle. We are committed to fostering a business culture that reflects these values and promotes equal opportunity.

United Kingdom