Senior Cyber Threat Researcher; Remote

Position: Senior Cyber Threat Researcher (Remote)

Company Description

Abb Vie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about Abb Vie, please visit us at Follow @abbvie on X, Facebook, Instagram, You Tube, Linked In and Tik Tok.

Job Description

Abb Vie is seeking a talented Senior Cyber Threat Researcher to join and provide strategic leadership within our Cyber Threat Intelligence (CTI) team. Abb Vie’s CTI team is responsible for anticipating and understanding the evolving cyber threat landscape. Whether identifying emerging threats, discerning trends in adversary behavior, or collaborating with industry peers, we directly influence the organization’s security strategy by providing actionable, context-rich intelligence to decision-makers across all business units. This position can be remote anywhere in the U.S. Abb Vie’s Senior Cyber Threat Researcher is an advanced member of the Cyber Threat Intelligence (CTI) team, specializing in intelligence analysis and threat research. The role involves producing actionable intelligence products, conducting deep research on threat actors and campaigns, and delivering briefings to various audiences, including technical and executive stakeholders. In addition to core analysis responsibilities, the position oversees the growth and structure of related cyber security services, particularly the threat‑hunting service. This includes providing guidance and mentorship to hunters, influencing methodologies, and ensuring intelligence is effectively used to prioritize and support hunt activities. The role collaborates across multiple teams and helps connect intelligence insights to detection and response actions. Qualified candidates have a strong background in cyber security disciplines and are comfortable leading, advising, and communicating across business and technical units.

Responsibilities

• Discover, collect, analyze, and model cyber intrusion campaigns using internal security data, case investigations, and sourced intelligence.
• Research, produce, and deliver finished intelligence products and threat briefings to diverse audiences—including technical teams, business units, and senior executives—to inform tactical operations and strategic security planning.
• Develop and enhance capabilities for understanding adversary tools, tactics, and evolving infrastructure.
• Provide direct oversight, ownership, and continual maturation of the threat‑hunting service: develop service methodologies, set execution standards, and provide guidance and mentorship for full‑time and part‑time threat hunters; drive cross‑functional and crowdsourced hunt initiatives; ensure intelligence‑driven prioritization of hunt activities.
• Identify and recommend defensive improvements based on observations and insights from both threat intelligence and hunt activities.

Qualifications

• Bachelor's Degree with 7 years experience;

Master’s Degree with 6 years experience; PhD with 2 years experience. Experience in application program development. Work experience should be in cyber security disciplines.

• Strong background in cybersecurity, with significant time in cyber threat intelligence and additional experience in fields such as incident response, forensics, detection engineering, or CSIRT operations—bringing a well‑rounded perspective to the role.
• 5+ years in roles such as Intrusion Detection, Incident Response, Cyber Threat Intelligence, or similar security disciplines.
• Strong familiarity with standard threat frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain), and hands‑on experience analyzing adversary tactics, techniques, and procedures (TTPs).
• Proficiency in creating detective content (e.g., SIEM correlation rules, Snort/YARA signatures) and supporting the deployment of these assets with technical teams.
• Capable of conducting static and dynamic malware analysis, as well as interacting with outputs from common…

Apply tot his job Apply To this Job