Halcyon
Threat Analyst
Job Summary
Halcyon is seeking a skilled Threat Analyst with expertise in malware reversing and detection engineering to enhance their security products. The role involves analyzing security events, reverse engineering malicious binaries, and researching emerging ransomware techniques. Candidates should have experience with static and dynamic analysis tools, scripting, and malware research, along with collaboration skills to work with engineering and customer success teams. The position offers comprehensive benefits and an opportunity to contribute to innovative cybersecurity solutions focused on ransomware and threat detection.
Required Skills
Benefits
Job Description
What we do:
Halcyon is the industry’s first dedicated, adaptive security platform that combines multiple proprietary advanced prevention engines along with AI models focused specifically on stopping ransomware.
Who we are:
Halcyon was formed in 2021 by a team of cyber industry veterans after battling the scourge of ransomware (and advanced threats) for years at some of the largest global security vendors. Comprised of leaders from Cylance (now Blackberry), Accuvant (now Optiv), Fireye and ISS X-Force (now IBM), Halcyon is focused on building products and solutions for mid-market and enterprise customers.
As a remote-native, completely distributed global team, we recognize great talent can exist anywhere. We invite you to apply to a job you’re interested in and we'll work a plan to meet your needs.
- Monitor and analyze security events to detect, investigate, and escalate potential incidents. Correlate data across multiple sources to identify malicious activity and patterns.
- Triage and assess events to determine impact, contain incidents, and drive threat remediation.
- Reverse engineer Windows PE files and other malicious binaries using static and dynamic techniques to uncover capabilities, persistence methods, and indicators of compromise (IOCs).
- Design, develop, and maintain internal tools to support threat triage, correlation, and research (log parsers, incident tracking systems, custom sandboxes, etc.).
- Conduct malware analysis in disassemblers, debuggers, and sandbox environments to understand payloads, infection chains, and evasion techniques.
- Research and track evolving ransomware techniques, publishing findings to improve detection logic and response processes.
- Collaborate closely with Engineering and Customer Success to improve product resilience and ensure smooth customer communication during security events.
- Proficiency in malware reversing, with demonstrated expertise in analyzing Windows PE files, unpacking obfuscated samples, and extracting behavioral and static indicators.
- Hands-on experience with Yara, Python, and scripting languages (PowerShell, Batch, Bash/Shell).
- Advanced knowledge of static and dynamic analysis using tools such as IDA Pro, Ghidra, x64dbg, WinDbg, and Cuckoo or similar sandboxes.
- Familiarity with EDR evasion techniques, persistence mechanisms, and exploitation methods.
- Cloud exposure preferred: AWS experience (cloud log analysis, EC2/S3 security, threat hunting in cloud environments).
- Proven track record in cyber threat research, malware analysis, or security operations.
- Strong collaboration and communication skills, with the ability to explain technical findings to both technical and non-technical stakeholders.
Halcyon offers the following benefits to eligible employees:
- Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
- 401k plan with a generous employer contribution.
- Short and long-term disability coverage, basic life and AD&D insurance plans.
- Medical and dependent care FSA options.
- Flexible PTO policy.
- Parental leave.
- Generous equity offering.
In accordance with applicable state and federal laws, the range provided is Halcyon’s reasonable estimate of the base compensation for this role. The actual amount may differ based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. Base pay is one part of the total package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and equity in the Company.
We understand it takes a diverse team of highly intelligent, passionate, curious, and creative people to develop the exceptional product we are building. Our dynamic team has incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity employer.
Halcyon
Halcyon is the cyber resilience platform that Global 2000 companies rely upon to defeat ransomware-as-a-service-borne attacks. With the fastest endpoint recovery methods ever built and multiple layers of resiliency, including bypass and evasion protection, key capture and automated decryption, and data extortion prevention, the Halcyon platform enables attacks to be undone in minutes.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.