• Act as a key technical leader for securing global network infrastructure • Define and enforce network security architecture standards • Provide technical leadership and mentorship to security and network engineering teams • Lead network security assessments, including threat modeling and intrusion detection • Develop and deploy advanced security automation and tools • Collaborate with network engineers to integrate security controls • Participate in incident response efforts related to network security incidents • Drive the security review process for all network infrastructure or product changes • Promote security best practices through documentation and cross-team collaboration

• Define and enforce network security architecture standards • Provide technical leadership and mentorship to security and network engineering teams • Lead network security assessments, including threat modeling and intrusion detection • Develop and deploy advanced security automation and tooling • Collaborate with network engineers to integrate security controls and telemetry • Participate in incident response efforts related to network security incidents • Drive the security review process for all network infrastructure or product changes • Promote security best practices through documentation, tooling, and cross-team collaboration

• Define and enforce network security architecture standards. • Provide technical leadership to security and network engineering teams. • Lead network security assessments and threat modeling. • Develop and deploy advanced security automation and tooling. • Collaborate with network engineers to integrate security controls.

Role Description 10a Labs' Investigations Team is looking for a Principal Cyber Investigator to lead day-to-day operations and oversee quality across a cyber investigations team. This role requires senior cybersecurity expertise combined with the operational and leadership experience to manage a high-performing team, interface directly with client stakeholders, and set the standard for investigative and labeling output quality and consistency. In this role, you will: - Oversee day-to-day operations of the cyber investigations team, ensuring investigations are completed accurately, efficiently, and in accordance with outlined requirements and rubrics. - Serve as the senior technical authority on complex and escalated cases, making final determinations on real-world harm potential and offensive uplift. - Monitor and maintain quality metrics across the team, identifying gaps and implementing improvements to investigative processes and detection pipelines. - Interface directly with client stakeholders to communicate findings, surface emerging trends, and align on evolving policy and operational priorities. - Mentor and develop senior and junior investigators, providing guidance on technically demanding and ambiguous cases. - Lead threat actor analysis, synthesizing findings across cases to inform broader detection and mitigation strategies. - Query internal data sources via DQL and programmatically, and cross-reference open-source information (OSINT) to support investigations and validate team output. - Respond to critical escalations and on-call leads, including those not caught by existing safety systems. Qualifications - At least 9+ years of experience in cybersecurity, threat intelligence, Trust & Safety, national security, defense, intelligence, or law enforcement domains. - Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience. - Demonstrated experience leading or managing investigative teams, including oversight of quality, output, and team development. - Deep subject-matter expertise in one or more of the following: scaled data extraction, ransomware, local and remote exploits, or offensive security operations. - Familiarity with LLM systems and how AI technology can be misused for cyber operations. - Proven ability to serve as a final technical authority on complex cases, with a track record of sound judgment on harm potential and offensive uplift. - Strong SQL, Python, and other data language proficiency for querying data, supporting detection workflows, and validating investigative output. - Exceptional written and verbal communication skills, with experience presenting findings to senior stakeholders. - Ability to rapidly context-switch across domains, modalities, and abuse areas in a fast-paced, ambiguous environment. - Ability to clear an insider-threat background check. Preferred Qualifications - Experience working directly with or within frontier AI labs, large technology platforms, or Trust & Safety organizations. - Experience with threat intelligence frameworks such as MITRE ATT&CK. - Background in dark web monitoring, OSINT, or cross-platform threat analysis. - Experience building or scaling detection and mitigation pipelines. - Full professional proficiency in Arabic, Chinese, Farsi, Portuguese, Russian, or Spanish. - Active security clearance (Secret or above). - Relevant certifications such as OSCP, GREM, or GCTI. Benefits - Salary Range: $150K–$180K, depending on experience and location. - Work Environment: Fully remote, U.S.-based. - Health Benefits: Comprehensive health, dental, and vision coverage. - Time Off: Generous PTO and paid holiday schedule. - Retirement: 401(k) plan.