Job Description:
• Lead a team of engineers and analysts responsible for cyber threat intelligence, adversary tracking, and vulnerability research in support of Anduril's products, infrastructure, and personnel
• Set the strategy and roadmap for TAR, balancing long-running adversary tracking programs, opportunistic vulnerability research, and responsive support to partner teams
• Serve as DNR's senior point of contact for intelligence requirements from the detection and response, offensive security, and product security teams, translating their needs into prioritized team deliverables
• Partner with the detection and response team to ensure intelligence is operationalized into detections, hunts, and response playbooks
• Engage cross-functionally with offensive security and product security on red team engagements, product threat modeling, and vulnerability disclosure matters
• Provide regular briefings to senior leadership, program stakeholders, and government partners on the threat landscape, adversary activity against Anduril, and the team's assessments
• Build and maintain the team's analytic tradecraft, intelligence production standards, and tooling — including threat actor tracking systems, signature development (YARA, Snort, and similar), and intelligence data integration pipelines
• Lead complex investigations into targeted threat activity, supply chain compromise, and infrastructure-based campaigns affecting Anduril
• Cultivate relationships with external partners across the intelligence community, industry ISACs, and peer defense-industrial-base companies to enable joint capabilities and information exchange
• Hire, develop, and retain a high-performing team of intelligence analysts and research engineers
Requirements:
• 5+ years of experience in cyber threat intelligence, threat research, vulnerability research, or related fields
• 3+ years of experience leading teams and managing complex security programs
• Proven experience analyzing sophisticated threat actor campaigns — including nation-state, supply chain, and infrastructure-based activity — and developing durable countermeasures
• Strong understanding of cybersecurity principles across endpoint, application, network, and cloud environments
• Programming ability in one or more general purpose languages (Python, Go, Rust, etc.)
• Strong and professional written and verbal communication skills, including the ability to brief both technical and executive audiences
• Eligible to obtain and maintain an active U.S. Secret security clearance
Benefits:
• Health insurance
• 401(k) matching
• Flexible work hours
• Paid time off
• Remote work options