Our portfolio companies are always looking for great people. Apply to the opportunities below or send us your profile.

Sr. Middle Eastern Nation State Intelligence Analyst at Recorded Future
Boston, MA, US / District of Columbia, US / London, GB

Want to be part of shaping the future? Our breakthrough ability to unlock insights from the web radically improves intelligence and cyber threat visibility for our commercial customers. We’re a high-energy, fast-paced, and fast-growing company. You’ll need the ability to understand and adapt to rapid product and technology developments, as we improve our products in close partnership with customers. You’ll have the support of a seasoned executive management team and world-class investors.

The Insikt Group is Recorded Future’s threat research team. The word "insikt" is Swedish for insight and highlights our mission: finding insights in intelligence that reduce the risk for our clients, produce tangible outcomes, and prevents business loss. We’re attacking the challenge of threat intelligence with the broadest range of minds, sources, and methods that we can assemble. The Insikt Group is made up of analysts, linguists, and security researchers with deep government and industry experience.

Role: Threat Intelligence Researcher | Nation State Threats | Middle East Threats

We are looking for a highly motivated security researcher with strong technical skills and experience of tracking Middle East cyber threat actors to join us in researching some of the most advanced threat actors in the world. Insikt Group has developed a solid reputation in uncovering unique insight into cybercriminal networks and nation-state APTs.

Responsibilities include:

  • Have detailed technical knowledge of tools, tactics, and procedures (TTPs) of Middle Eastern (primarily Iranian) threat actor groups including APT33, APT34, APT35, and APT-C-23 to identify opportunities for new research, collection, and development of in-house analytics to benefit future research.
  • Develop tools and methods to identify Middle East APT malware (Shamoon, PupyRAT, etc) using retro hunting and advanced detection techniques in common malware multi-scanner repositories as well as within Recorded Future's exclusive collection.
  • Support other threat intelligence analysts to analyze malware associated with advanced threat actors to develop leads and insights into actor infrastructure, tooling, and targeting.
  • Stay on top of developments within the malware landscape and track key developments by following publications, blogs and mailing lists, etc.
  • Perform network analysis of malicious infrastructure related to Middle Eastern APT campaigns
  • Analyze malware used by Middle Eastern state-backed actors to identify leads for further analysis
  • Develop network and host-based detection rules such as SNORT, Yara to detect APT campaigns in line with Insikt research goals


  • Experience of publishing research on novel threats and research results
  • Demonstrable experience tracking Middle Eastern state threats  over multiple years [Essential]
  • 2+ years experience in static and dynamic malware analysis [Desirable]
  • 2+  years experience with reverse engineering tools (Ida Pro, OllyDbg, etc) [Desirable]
  • Demonstrable experience of conducting cyber threat investigations [Essential]
  • Knowledge of TCP/IP [Essential], Windows operating system internals and the Windows API [Desirable]
  • Experience in analyzing both desktop and mobile malware [Desirable]
  • Experience in the deobfuscation of malware, analysis of packers, malware decryption techniques [Desirable]
  • Scripting experience in Python, Go, Powershell, or Bash [Essential]
  • Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, the Diamond Model, and the cyber Kill Chain

Candidate must be able to convey complex technical and non-technical concepts in verbal products, and excellent writing skills are mandatory.

Intelligence background is a plus.

Education: BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field


Don't forget to check out our podcast! Join the Recorded Future team, special guests, and our partners from the CyberWire to learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence. All episodes are free and available on iTunes, GooglePlay, and Stitcher. 

Stay in touch with Balderton

Sign up for our newsletter to stay up to date on news from Balderton, and our portfolio.