Senior Security Researcher (Phishing)

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Security Researcher (Phishing) based in the United Kingdom. In this role, you will operate at the forefront of cyber threat intelligence, actively investigating phishing ecosystems and disrupting malicious infrastructure used in modern cyberattacks. You will combine hands‑on research, data analysis, and human intelligence techniques to identify, capture, and neutralize phishing‑as‑a‑service (PhaaS) activity at scale. Working in a globally distributed security team, you will contribute directly to protecting millions of users by improving detection pipelines and strengthening threat intelligence capabilities. This position offers a unique blend of investigative research, adversary engagement, and analytical problem‑solving in a fast‑evolving cybersecurity landscape. You will also help translate research findings into actionable insights, reports, and improvements to internal systems and processes.

Accountabilities

• Conduct in-depth research into phishing‑as‑a‑service (PhaaS) ecosystems, including AiTM and device‑code phishing techniques.
• Identify, track, and recapture phishing infrastructure and datasets using intelligence‑led and investigative approaches.
• Perform human intelligence operations, including persona management, controlled engagements, and adversary interaction where appropriate.
• Analyze large and complex datasets to assess data quality and improve sourcing and detection pipelines.
• Support the development of security research outputs, including technical reports, threat analysis, and customer‑facing insights.
• Collaborate with cross‑functional teams to enhance data collection systems and improve automation and intelligence workflows.
• Investigate criminal underground activity, including deep and dark web ecosystems relevant to phishing operations.
• Contribute to continuous improvement of internal tooling, methodologies, and research frameworks.

Requirements

• 5+ years of experience in cybersecurity research, threat intelligence, security analysis, or similar roles.
• Strong understanding of modern phishing techniques, including phishing‑as‑a‑service (PhaaS), AiTM, and device code attacks.
• Experience analyzing cybercriminal ecosystems, including exposure to deep/dark web intelligence gathering.
• Hands‑on experience with human intelligence methods such as persona management, elicitation, and controlled engagement with threat actors.
• Strong analytical mindset with the ability to interpret complex datasets and extract actionable insights.
• Excellent written and verbal communication skills, with the ability to present technical findings clearly.
• High level of curiosity, autonomy, and comfort working in fast‑paced, distributed environments.
• Ability to collaborate effectively with global teams while working independently.
• Strong interest in cybercrime disruption and adversary‑focused research.
• Bonus: programming experience in Python, Go, or Rust for automation and analysis tasks.
• Bonus: experience with databases (SQL/NoSQL), data pipelines, or security analytics platforms.
• Bonus: familiarity with AI/LLM tools for data analysis or research acceleration.

Benefits

• Annual salary range of approximately £89,918 – £117,112 GBP / €104,311 – €135,935 EUR, depending on experience and location.
• Fully remote role with flexibility to work across the UK or eligible EMEA locations.
• Private healthcare and healthcare cash plan (UK‑based employees).
• Retirement savings plan with employer contribution.
• Paid holidays (14–16 days depending on region) plus generous PTO policies.
• Life insurance and income protection coverage.
• Flexible, remote‑first working culture with global collaboration.
• Opportunity to work on high‑impact cybercrime disruption initiatives protecting billions of digital identities.
• Learning and development opportunities in advanced threat intelligence and security research.