Dragos

Associate Principal Adversary Hunter

Posted 18 Hours Ago
Remote
Hiring Remotely in United States
175K-175K Annually
Senior level
Lead expert-level adversary hunting for ICS/OT threats: own threat groups, author finished intelligence, run proactive/reactive hunts, support incident response, improve data/tooling (Synapse/StormQL), mentor peers, and represent Dragos externally through reports and briefings.
The summary above was generated by AI

Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization: running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world!

About the Role: 

Our Threat Intelligence team is seeking an expert-level Adversary Hunter to serve as a recognized authority in tracking and disrupting threats targeting ICS/OT environments. In this autonomous role, you'll independently own one or more Threat Groups and Temporary Activity Threads (TATs), author authoritative intelligence products, and shape our analytical tradecraft. You'll lead proactive and reactive threat hunting engagements, collaborate across functions, and represent Dragos externally through publications, customer briefings, and industry events. As both a technical operator and force multiplier, you'll advance our data and tooling capabilities while elevating team expertise through mentorship and knowledge sharing. This is a role designed for a seasoned professional who operates with high autonomy, drives methodology development, and serves as a recognized subject matter expert.

Responsibilities: 

  • Provide expert-level coverage for one or more Threat Groups and TATs, independently authoring WorldView reports and representing the team as a subject matter expert in Year in Review (YIR) publications, customer briefings, webinars, and sales engagements. 
  • Champion cross-team collaboration to reduce stovepiping and proactively support WorldView triage and reporting pipelines, ensuring intelligence flows efficiently across functions.
  • Enhance and document analysis methodologies while independently tracking new Threat Groups and TATs beyond assigned scope as intelligence needs evolve.
  • Demonstrate proficiency in network telemetry tools (e.g., NetFlow, Censys, Shodan) and file-based analysis platforms (e.g., VirusTotal, Joe Sandbox) to conduct advanced threat hunting and adversary infrastructure tracking.
  • Leverage Synapse and Storm Query Language for advanced data modeling, threat hunting, and investigative workflows; continuously improve data interrogation tooling and identify automation opportunities to scale team output.
  • Lead threat hunting efforts during incident response engagements and provide advanced analytical support during high-priority surge incidents (e.g., PIPEDREAM-class events), operating with minimal oversight.
  • Serve as a recognized data and tooling subject matter expert within the team, driving knowledge transfer initiatives and elevating the analytical capabilities of peers and junior analysts. 

Qualifications: 

  • 5+ years of experience in threat intelligence, adversary tracking, intrusion analysis, or threat hunting, with demonstrated depth in ICS/OT-focused threat activity.
  • Proven ability to independently own and author finished intelligence products, including WorldView reports, YIR contributions, and customer-facing deliverables with minimal oversight.
  • Expert-level application of the Diamond Model, Kill Chain stages, and MITRE ATT&CK for ICS across complex, multi-stage intrusion investigations.
  • Hands-on proficiency with network telemetry tools (NetFlow, Censys, Shodan), file analysis platforms (VirusTotal, Joe Sandbox), and advanced working knowledge of Synapse and Storm Query Language for threat modeling and hunting automation.
  • Experience leading or significantly contributing to threat hunting operations during live incident response engagements, including high-tempo surge events.
  • Demonstrated ability to develop software tooling or analytical automation using Python, C#, or similar languages to enhance team workflows.
  • Strong analytical and written communication skills, with an external presence or track record of knowledge sharing through publications, conference presentations, webinars, or industry engagement.

Compensation: 

  • Salary: $175,000
  • Competitive Equity Package  
  • Comprehensive Benefits Plan 

 




Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.
