• Directly support cyber threat customers and ensure they realize the full value of the Intelligence product • Manage the customer's Falcon Intel Recon module • Serve as a cyber intel analytic interface between customers and the wider CrowdStrike intelligence team • Drive high levels of customer satisfaction and maintain strong ownership over customer relationships • Quickly triage and escalate noteworthy findings from Falcon Intelligence Recon to the respective customers • Guide customers through Falcon Intelligence Recon findings and provide subject matter expertise • Represent customers' feedback and requests to the Intelligence and Engineering teams • Plan and lead process improvement initiatives to improve overall customer satisfaction

Role Description As part of the Accenture Cyber Fusion Center in Prague, you will be part of a specialised team to deliver managed Threat Hunting operations to our clients. Our managed Threat Hunting service enables our clients to uncover threats that would otherwise remain hidden. You will be looking for the evidence of active threats within our clients' environments that bypass both preventative and detective controls using our delivery methodology and threat hunting tools and techniques. Qualifications - Proven Experience with Threat Hunting or Incident investigations (SOC/IR) - Experienced in using enterprise security solutions (such as SIEM and EDR) to conduct Investigations or Hunts - Strong knowledge of Windows internals and solid networking fundamentals - Strong understanding of common attack vectors and offensive tools and tactics - Understanding of enterprise architecture and large IT environment operations - Understanding of common malware types and behaviors and common infection vectors - Ability to identify attacker Tactics, Techniques, and procedures (TTPs) - Strong documentation and reporting skills - Solid presentation and communication skills - 3+ years of information security operations experience Requirements - Experience with Cloud environments - Experience with OT and ICS environments - Knowledge of system internals for Unix-based systems - Experience with reverse engineering and sandboxing technologies - Degree in relevant computer science/IT field - Security certifications, for example, but not limited to, GREM, GCFE, GCFA, CEH, GCIH - SIEM (Splunk, QRadar, Sentinel, …) and EDR (CrowdStrike, FireEye HX, Endgame, Defender ATP) experience - Experience with IoC lifecycle (development, organization, sharing, effective usage) - Experience with statistical/quantitative analysis methods and tools - Ability to develop small automation scripts and makeshift tools (Python, PowerShell, Bash, …) Benefits - You'll learn, grow and advance in an innovative culture that thrives on shared success, innovative and diverse ways of thinking and enables boundaryless opportunities that can drive your career in new and exciting ways - Opportunity to work on various interesting projects delivered to our global TOP 500 clients and with the newest trends in the cyber security area - Professional training and acquisition of crucial security certificates – from Offensive Security through CREST to SANS trainings and GIAC certifications - Ability to move between different teams with different specializations in either offensive or defensive security - Access to the cutting-edge cyber security products and solutions - Remote work

About SecurityScorecard: SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint. Headquartered in New York City, our culture has been recognized by Inc Magazine as a "Best Workplace,” by Crain’s NY as a "Best Places to Work in NYC," and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of the World’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.” SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital. About the Role: You have spent years in the middle of it: tracking adversaries, monitoring underground forums, mapping infrastructure, and producing intelligence that actually got used. You know what a threat looks like before it becomes a headline. And you can explain what you found to someone who has never heard of a C2 server. As a Threat Researcher at SecurityScorecard, you will produce original intelligence that feeds our platform, drives our demand generation engine, and positions SSC as the most credible voice in cybersecurity research. Your work will appear in the reports that make BDRs get responses, the briefings that pull enterprise buyers to our events, and the data that underpins DriftNet's commercial expansion. This is not a back-office research role. Your output reaches customers, media, and the security community. What You Will Do: - Produce finished threat intelligence: monthly and quarterly research reports, blog posts, and executive briefings that translate complex technical findings into content that non-technical buyers can act on. - Hunt threats proactively: track adversary TTPs, monitor dark web and underground forums, map infrastructure, and identify signals before they become public. Gilad's team produces the major quarterly deep reports; you support the higher-cadence monthly output. - Deploy AI-assisted workflows: use LLMs and automation tooling to accelerate your research pipeline, improve synthesis quality, and increase output velocity. This is a core expectation, not a bonus. - Write automation code: build Python scripts and pipelines for data collection, API querying, signal extraction, and detection logic. Your code is part of what you ship, not a side task. - Leverage data extraction tools to pull intelligence from SSC's proprietary data platform, producing insights that marketing can self-serve on and that inform customer-facing content. - Present and evangelize: get on webinars, show up at customer events, and explain what the data means to a CISO, an insurance buyer, or a CFO. Your credibility as a practitioner is the draw. - Collaborate with marketing team to align research output with content calendar, customer event needs, and demand generation goals. - Contribute to SSC's published research presence: blog posts, reports, and media briefings that build brand and drive inbound pipeline. Required Qualifications: - 3-6 years of hands-on threat intelligence experience at a commercial vendor, financial institution, or intelligence-community organization with commercial output requirements. You have produced finished intelligence that went to paying customers or external audiences. - Proven written output: you have published research, written reports, or produced briefings that non-technical readers could act on. Work samples are required. - Software engineering baseline: you write Python as a standard part of your research workflow for automation, data collection, API querying, and pipeline building. You also deploy AI and LLM tooling as a daily force multiplier, not a novelty. - Proactive hunter mentality: you identify signals before they surface publicly. You have a process, not just a reactive monitoring habit. - Clear communication and synthesis: you write with precision and brevity. A 300-word brief for a CMO is as important as a 10-page whitepaper for a CISO. - Customer-facing capability: you can present research at an event, get on a webinar, and hold a room. Practitioner credibility is your advantage. - Bachelor's degree in Cybersecurity, Computer Science, Journalism, Political Science, or equivalent. Demonstrated output accepted in lieu of formal degree. Preferred Qualifications: - Background from a pure-play commercial TI vendor: Flashpoint, Recorded Future, Mandiant, CrowdStrike, Palo Alto Unit 42, Proofpoint, ZeroFox, Intel 471, Cybersixgill. - Financial services threat intelligence background: JPMorgan, Citigroup, Goldman Sachs, or equivalent TI teams where output is commercially oriented. - Published research, CVEs, conference presentations (Black Hat, DEF CON, RSA), or a recognized GitHub or blog presence. - Experience with DriftNet, Shodan, VirusTotal Intelligence, MISP, or comparable data platforms. - Detection engineering: YARA, Sigma, or Snort signature development. The ability to operationalize a research finding into a detection is a meaningful differentiator. - Familiarity with large-scale data pipelines or streaming platforms (Kafka, Splunk, or equivalent). SSC runs significant data infrastructure and understanding how signals flow through it matters. - Prior experience producing content that supported marketing, demand generation, or customer-facing commercial goals. Benefits: Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more! The estimated total compensation range for this position is $80,000 - 120,000 (base plus bonus). Actual compensation for the position is based on a variety of factors, including, but not limited to affordability, skills, qualifications and experience, and may vary from the range. In addition to base salary, employees may also be eligible for annual performance-based incentive compensation awards and equity, among other company benefits. SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law. We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact talentacquisitionoperations@securityscorecard.io. Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. SecurityScorecard does not accept unsolicited resumes from employment agencies. Please note that we do not provide immigration sponsorship for this position. #LI-DNI

• Run analytical / reporting component of Disaster Cycle Services Response Operations projects from requirements to deployment. • Identify opportunities across Disaster Cycle Services to streamline and enhance tools and processes and log appropriately (e.g., report catalog, overlap/redundancy, gaps). • Create compelling presentations and data visualizations to convey Disaster Cycle Services Response Operations information. • Build complex solutions & tools, to include automated data flows and models to eliminate manual workflows. • Serve as central point of contact and representative for a specific Disaster Cycle Services function, subject area, or data specialty. • Steward of data decisions, literacy, and governance for Disaster Cycle Services.