We help the world Be Everyday Ready

™

Today’s threatscape is relentless. So are we.At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools — all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way.

About the Job:

We are seeking a skilled and driven Dark Web Researcher to join our Threat Intelligence team. In

this role, you will leverage the CyberInt platform and a suite of dark web and threat actor monitoring tools to

proactively identify emerging risks, data exposures, and threat activity targeting our clients across industries such

as healthcare, education, and finance. You will play a key role in brand protection, leaked credential discovery,

social media risk analysis, and monitoring for phishing domains and attack surface exposures. Your research will

extend to initial access brokers (IABs) and dark web chatter that could signal intent or active targeting of our

clients. You'll also support our threat hunting operations by creating queries and validating whether observed

risks have materialized into active threats

Responsibilities:

Monitor and analyze dark web forums, marketplaces, Telegram channels, and leak sites using CyberInt and other OSINT/darknet tools.

Identify and assess:

Leaked credentials and sensitive data

Phishing domains and impersonation sites

Threat actor discussions mentioning client brands or environments

Sale of access by Initial Access Brokers (IABs)

Track emerging threat actor TTPs, malware families, ransomware groups, and underground ecosystem trends.

Correlate dark web findings with client infrastructure and attack surface to assess risk and exposure.

Develop threat hunting queries (e.g., using SIEM/EDR platforms) based on dark web discoveries to determine active targeting or compromise

Create concise, actionable intelligence reports to communicate risks to internal and client stakeholders.

Assist in incident enrichment, providing dark web context and attribution to ongoing investigations or IR cases

Stay current on major malware and ransomware variants, and support attribution or profiling work when actors reference client asset

Requirements:

3+ years of experience in threat intelligence, dark web research, or cybercrime investigations

Hands-on experience with CyberInt or similar dark web intelligence platforms (e.g., Flashpoint, Cybersixgill, KELA, Recorded Future)

Strong OSINT skills and familiarity with darknet environments and tradecraft

Understanding of malware families, ransomware operations, and threat actor group dynamics

Experience with brand protection monitoring, phishing detection, and social media threat analysis

Ability to write clear, intelligence-driven reports for technical and executive audiences

Familiarity with attack surface management and common enterprise exposure risk

Preferred Qualifications:

Experience tracking Initial Access Brokers (IABs) and ransomware affiliates

Knowledge of security risks specific to healthcare, education, and financial sectors

Basic scripting or automation skills (Python, Regex, etc.) for hunting or parsing data

Experience writing threat hunting queries (e.g., Splunk, Elastic, Sigma rules)

Previous consulting or client-facing experience in intelligence reporting or briefings

Additional Information

Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.

Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.

Compensation

Threat Intelligence Researcher

Meet JobCopilot: Your Personal AI Job Hunter