Investigator - Huntsville, AL

Job Description

SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud’s solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you’re driven to align your career with a fantastic mission, look no further! SpyCloud collects recaptured breach data, malware-exfiltrated credentials, session cookies, and commercially available information at scale. The Investigations team turns that data into investigative reports and analytical products — attribution packages, infrastructure assessments, identity exposure reports, and analytical support for government and enterprise customers. This is a customer-facing role supporting government and IC-aligned customers across a range of national security mission areas. The analyst will conduct original investigations, respond to requests for information, deliver training and capability demonstrations to cleared personnel, and develop AI-assisted analytical workflows using SpyCloud’s platform and tooling. What You’ll Do: Investigations Conduct all-source investigations using breach data, malware-exfiltrated logs, OSINT, and commercially available information to attribute threat actors, map adversary infrastructure, and assess identity and credential exposure. Respond to requests for information from government and program stakeholders, producing analytical reports and investigation packages on short timelines. Analyze infostealer log files to extract credential exposure, behavioral indicators, and infrastructure intelligence relevant to ongoing analytical requirements. Pivot across SpyCloud data using the Investigations Portal, API, and Python-based notebooks to develop leads and close attribution gaps. AI-Assisted Analysis