Senior Threat Intelligence Researcher


US Remote; US Remote East Coast; US Remote Central; US Remote West Coast; Canada Remote; Canada Remote East Coast; Canada Remote West Coast


Awesome tech is made by awesome people. And we’re always looking for new team members who bring the energy, passion, commitment, and collaboration that has made Auth0 the great company it is today.

So what do we exactly build? Auth0 is an authentication and authorization platform designed by developers for developers. Basically, we make companies’ login boxes safe, secure, and seamless for anyone logging in. Our mission is to secure the world’s identities so innovators can innovate. But it’s a big mission that requires a lot of teamwork.

Words, code, or people, whatever your skill, there’s a place for you here

Auth0 is seeking a Senior Threat Intelligence Researcher to be a part of our Identity Security Domain. This domain combines the teams building and maintaining a range of security products that protect our customers and the Auth0 platform from ever-changing CIAM threats. They are the products that our customers depend on to protect their applications and it’s critical that they are dynamic, resilient, and accurate. Examples include Bot Detection, Breach Password Detection protection, and Adaptive MFA.

Identity Security is an exciting area of expansion for Auth0. We are looking for a Senior Threat Intelligence Operations Engineer who can help deliver our current product roadmap while also creating a culture of R&D that will ensure we are constantly innovating in the security space.

You will:

  • Research, design, develop, and build repeatable analytics, heuristics, rules-based detection and Machine Learning models around attacks, threats, adversaries, tactics/techniques/procedures (TTPs), indicators of compromise (IOC), and indicator attribution strength.
  • Use statistics, Python, and a distributed computing framework to manipulate data and draw insights from large data sets.
  • Analyze large structured and unstructured data sets to identify trends and anomalies that may indicate malicious cyber activities.
  • Gather information for reconnaissance, enumeration, or fingerprinting of systems.
  • Mentor team members and engineers on security best practices, and develop the next generation of technical security leaders.

You might be a good fit if you:

  • Have experience in several of the following areas: adversary emulation, cybersecurity operations, network security monitoring, host security monitoring, adversary hunting, modern adversary methodologies, analytical methodologies, and confidence-based assessments.
  • Have 5+ years security engineer experience
  • Strong experience with AWS data analytics services and security controls.
  • Experience with using and developing data warehouses, star and snowflake schemas, ETL automation, BI Visualization, and cloud-based data management tools
  • Experience with STIX/TAXII, threat intelligence concepts and knowledge of the Kill Chain, Diamond Model, and ATT&CK frameworks.
  • Have experience in applying a wide variety of Machine Learning techniques and an intuition for the strengths and weaknesses of each.
  • Have excellent communication skills and comfort in a globally distributed work culture.

Bonus Points:

  • You have a deep understanding of computer systems, identity protocols, networks, and information security concepts
  • Want to develop new ideas and techniques that advance the state of the practice for cyber threat intelligence and love brainstorming new data analytic techniques to identify security related anomalies in large data sets.
  • Have a passion for actionable data analysis and exploration.

Auth0 makes the internet safer by safeguarding billions of login transactions each month.

Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles. We practice N+1>N which applies to everything from our people to how we iterate our tech; we believe in one team, one score; and we give a shit about everything we do.

Research shows that candidates from underrepresented backgrounds often don’t apply unless they meet all the job criteria. We aren’t looking for someone who ticks every single box on a page; we’re looking for lifelong learners and people who can make us better with their unique experiences. If you think you’d be a great fit, then please get in touch to tell us about yourself.

Auth0, recently acquired by Okta, is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.

Share this position

Apply now