Cyber Threat Analyst
Chainlink LabsCanada5 hours ago
Full-timeRemote FriendlyInformation Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
About Chainlink
Chainlink is the industry-standard oracle platform bringing the capital markets onchain and powering the majority of decentralized finance (DeFi). The Chainlink stack provides the essential data, interoperability, compliance, and privacy standards needed to power advanced blockchain use cases for institutional tokenized assets, lending, payments, stablecoins, and more. Since inventing decentralized oracle networks, Chainlink has enabled tens of trillions in transaction value and now secures the vast majority of DeFi.
Many of the world’s largest financial services institutions have also adopted Chainlink’s standards and infrastructure, including Swift, Euroclear, Mastercard, Fidelity International, UBS, S&P Dow Jones Indices, FTSE Russell, WisdomTree, ANZ, and top protocols such as Aave, Lido, GMX and many others. Chainlink leverages a novel fee model where offchain and onchain revenue from enterprise adoption is converted to LINK tokens and stored in a strategic Chainlink Reserve. Learn more at chain.link.
The Cyber Threat Analyst is responsible for conducting cyber threat intelligence analysis with a strong technical emphasis on infrastructure pivoting, malware analysis, and detection engineering in alignment with Chainlink Labs’ vision and objectives. The Analyst will play a critical role in proactively identifying, analyzing, and mitigating sophisticated cyber threats, dissecting malware and adversary techniques, conducting technical threat research, and developing detection methodologies to enhance security posture.
Your Impact
We carefully review all applications and aim to provide a response to every candidate within two weeks after the job posting closes. The closing date is listed on the job advert, so we encourage you to take the time to thoughtfully prepare your application. We want to fully consider your experience and skills, and you will hear from us regarding the status of your application shortly after the closing date.
Commitment to Equal Opportunity
Chainlink Labs is an equal opportunity employer. All qualified applicants will receive equal consideration for employment in compliance with applicable laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us via this form.
Global Data Privacy Notice for Job Candidates and Applicants
Information collected and processed as part of your Chainlink Labs Careers profile, and any job applications you choose to submit is subject to our Privacy Policy. By submitting your application, you are agreeing to our use and processing of your data as required.
Chainlink is the industry-standard oracle platform bringing the capital markets onchain and powering the majority of decentralized finance (DeFi). The Chainlink stack provides the essential data, interoperability, compliance, and privacy standards needed to power advanced blockchain use cases for institutional tokenized assets, lending, payments, stablecoins, and more. Since inventing decentralized oracle networks, Chainlink has enabled tens of trillions in transaction value and now secures the vast majority of DeFi.
Many of the world’s largest financial services institutions have also adopted Chainlink’s standards and infrastructure, including Swift, Euroclear, Mastercard, Fidelity International, UBS, S&P Dow Jones Indices, FTSE Russell, WisdomTree, ANZ, and top protocols such as Aave, Lido, GMX and many others. Chainlink leverages a novel fee model where offchain and onchain revenue from enterprise adoption is converted to LINK tokens and stored in a strategic Chainlink Reserve. Learn more at chain.link.
The Cyber Threat Analyst is responsible for conducting cyber threat intelligence analysis with a strong technical emphasis on infrastructure pivoting, malware analysis, and detection engineering in alignment with Chainlink Labs’ vision and objectives. The Analyst will play a critical role in proactively identifying, analyzing, and mitigating sophisticated cyber threats, dissecting malware and adversary techniques, conducting technical threat research, and developing detection methodologies to enhance security posture.
Your Impact
- Proactively track malicious infrastructure, hunt for new malware samples, and adversary tools to identify new adversary tooling, detection opportunities, and mitigation strategies.
- Create precise detection rules (e.g., YARA, Sigma) and develop custom tools and scripts to identify malicious activity proactively.
- Conduct deep-dive intelligence analysis and investigations related to suspicious activity and attempted attacks.
- Serve as an SME for malware reverse engineering, with a focus on ARM binaries.
- Maintain a working knowledge of adversarial tactics and techniques, and how they are being used to achieve current objectives.
- Collaborate with and support the investigations of other Cybersecurity Operations and Information Security teams.
- At least two years of experience in cyber threat analysis or threat investigations.
- Demonstrated a high-level understanding of recent cyber trends, campaigns, incidents, and threat actor groups.
- Familiarity with Vertex Synapse and its Storm scripting language or experience with similar intelligence analysis tools.
- Real-life experience in detection engineering, including using SIEMs and writing effective detection rules in YARA or Sigma.
- Experience using technical data sources like file repositories, passive DNS, or internet service scans for threat research purposes.
- Understanding of network protocols such as HTTP, DNS, TLS.
- Prior experience with automated malware sandboxes to analyze malicious samples and identify detection opportunities. Proficiency with reverse engineering tools, such as Binary Ninja and Ghidra.
- In-depth understanding of threats targeting the blockchain ecosystem, especially in relation to their tools and tradecraft, and how web2 threats affect web3 systems.
- Proven track record of building and maintaining logging, analysis, or enrichment pipelines, preferred languages include Python, Rust or Golang.
- Excellent verbal and written communication skills with prior experience in presenting research findings to internal and external stakeholders.
- Understanding of structured analytic techniques to help mitigate bias in analysis.
We carefully review all applications and aim to provide a response to every candidate within two weeks after the job posting closes. The closing date is listed on the job advert, so we encourage you to take the time to thoughtfully prepare your application. We want to fully consider your experience and skills, and you will hear from us regarding the status of your application shortly after the closing date.
Commitment to Equal Opportunity
Chainlink Labs is an equal opportunity employer. All qualified applicants will receive equal consideration for employment in compliance with applicable laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us via this form.
Global Data Privacy Notice for Job Candidates and Applicants
Information collected and processed as part of your Chainlink Labs Careers profile, and any job applications you choose to submit is subject to our Privacy Policy. By submitting your application, you are agreeing to our use and processing of your data as required.
Key Skills
Ranked by relevanceReady to apply?
Join Chainlink Labs and take your career to the next level!
Application takes less than 5 minutes