Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century’s most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril’s family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years.
ABOUT THE TEAM
Anduril's Information Security team is looking for a Manager for its Threat & Attack Research (TAR) team to lead the team's efforts providing cyber threat intelligence, vulnerability research, and related services as part of the Detection and Response (DNR) organization. This work will support not only DNR but also offensive security, product security, and other security teams.
WHAT YOU'LL DO
- Lead a team of engineers and analysts responsible for cyber threat intelligence, adversary tracking, and vulnerability research in support of Anduril's products, infrastructure, and personnel
- Set the strategy and roadmap for TAR, balancing long-running adversary tracking programs, opportunistic vulnerability research, and responsive support to partner teams
- Serve as DNR's senior point of contact for intelligence requirements from the detection and response, offensive security, and product security teams, translating their needs into prioritized team deliverables
- Partner with the detection and response team to ensure intelligence is operationalized into detections, hunts, and response playbooks
- Engage cross-functionally with offensive security and product security on red team engagements, product threat modeling, and vulnerability disclosure matters
- Provide regular briefings to senior leadership, program stakeholders, and government partners on the threat landscape, adversary activity against Anduril, and the team's assessments
- Build and maintain the team's analytic tradecraft, intelligence production standards, and tooling — including threat actor tracking systems, signature development (YARA, Snort, and similar), and intelligence data integration pipelines
- Lead complex investigations into targeted threat activity, supply chain compromise, and infrastructure-based campaigns affecting Anduril
- Cultivate relationships with external partners across the intelligence community, industry ISACs, and peer defense-industrial-base companies to enable joint capabilities and information exchange
- Hire, develop, and retain a high-performing team of intelligence analysts and research engineers
REQUIRED QUALIFICATIONS
- 5+ years of experience in cyber threat intelligence, threat research, vulnerability research, or related fields
- 3+ years of experience leading teams and managing complex security programs
- Proven experience analyzing sophisticated threat actor campaigns — including nation-state, supply chain, and infrastructure-based activity — and developing durable countermeasures
- Strong understanding of cybersecurity principles across endpoint, application, network, and cloud environments
- Programming ability in one or more general purpose languages (Python, Go, Rust, etc.)
- Strong and professional written and verbal communication skills, including the ability to brief both technical and executive audiences
- Eligible to obtain and maintain an active U.S. Secret security clearance
PREFERRED QUALIFICATIONS
- In-depth knowledge of nation-state, sophisticated criminal, or supply chain threat actors, particularly those targeting the defense industrial base
- Hands-on experience with vulnerability research, reverse engineering, or exploit development
- Experience building or managing intelligence platforms and tooling, including fileand network-based signatures (YARA, Snort) and large-scale data analysis
- Track record of shipping production code for threat intelligence or security automation tooling
- Experience with Vertex Synapse or comparable threat intelligence platforms
- Established relationships within the broader security and threat intelligence community
- Experience communicating technical threat and risk concerns to non-technical stakeholders, including executive leadership and government partners
- Prior experience supporting or interfacing with offensive security, red team, or product security functions
US Salary Range
$129,000—$220,000 USD
The salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in the majority of full time offers; and are considered part of Anduril's total compensation package. Additionally, Anduril offers top-tier benefits for full-time employees, including:
Benefits
At Anduril, we invest in our people. Our comprehensive, competitive benefits package (available at little to no cost to employees) ensures you’re supported in health, recovery, and whatever comes next. For more information, Explore Our Benefits.
Protecting Yourself from Recruitment Scams
Anduril is committed to maintaining the integrity of our Talent acquisition process and the security of our candidates. We've observed a rise in sophisticated phishing and fraudulent schemes where individuals impersonate Anduril representatives, luring job seekers with false interviews or job offers. These scammers often attempt to extract payment or sensitive personal information.
To ensure your safety and help you navigate your job search with confidence, please keep the following critical points in mind:
**No Financial Requests: **Anduril will never solicit payment or demand personal financial details (such as banking information, credit card numbers, or social security numbers) at any stage of our hiring process. Our legitimate recruitment is entirely free for candidates.
Please always verify communications:
- Direct from Anduril: If you receive an email from one of our recruiters, it will only come from an
@anduril.comaddress. - Via Agency Partner: If contacted by a recruiting agency for an Anduril role, their email will clearly identify their agency. If you suspect any suspicious activity, please verify the agency's authenticity by reaching out to contact@anduril.com.
- Direct from Anduril: If you receive an email from one of our recruiters, it will only come from an
Exercise Caution with Unsolicited Outreach: If you receive any communication that appears suspicious, contains grammatical errors, or makes unusual requests, do not engage. Always confirm the sender's email domain is @anduril.com before providing any personal information or clicking on links.
What to Do If You Suspect Fraud: Should you encounter any questionable or fraudulent outreach claiming to be from Anduril, please report it immediately to contact@anduril.com. Your proactive caution is invaluable in protecting your personal information and upholding the security and trustworthiness of our recruitment efforts.
Data Privacy
To view Anduril's candidate data privacy policy, please visit https://anduril.com/applicant-privacy-notice/.
By submitting your application, you consent to Anduril Industries using a third-party service provider to conduct pre-employment risk, integrity, and due diligence screening and assessing potential risks as part of your application process. This third-party service provider provides risk-intelligence services that may include analysis of sanctions and watchlists, adverse media, public-record information, and other lawful open-source or commercial data sources. This third-party service provider does not act as a consumer reporting agency. Use of this provider helps to ensure compliance with applicable laws and protect technology, intellectual property, and organizational security.