Data Science Lead, RQ

Arlington, VA
Engineering – Data Science & Research /
Full-time /
Remote
Apply for this job
Company Background
ThreatConnect enables threat intelligence, security operations, and cyber risk management teams to work together for more effective, efficient, and collaborative cyber defense. With ThreatConnect, organizations can infuse ML and AI-powered threat intel and cyber risk quantification into their work, allowing them to contextualize an evolving threat landscape, prioritize the most significant risks to their business, and operationalize defenses.  More than 250 enterprises and thousands of security operations professionals rely on ThreatConnect every day to protect their organizations’ most critical assets.

We offer a competitive benefits package with comprehensive insurance coverage, unlimited paid time off, and unique perks designed to help you meet your financial and personal goals.

We are committed to offering an employment experience and benefits package that enables you and your family to grow with us and share in our success. We love to recognize our employees who have gone above and beyond.

Job Description

We are expanding our Data Science leadership to accelerate innovation across risk modeling, explainable AI, and threat-to-risk analytics — and are looking for a mission-driven Lead Data Scientist with hands-on modeling expertise and a strong background in cybersecurity.

ThreatConnect is seeking a Data Science Lead to drive the next generation of loss and attack models that power our Risk Quantifier (RQ) platform. This is a player-coach role, combining hands-on modeling with leadership of a small but growing team of data scientists. The ideal candidate will have strong statistical modeling skills, experience working with cyber or risk data, and the ability to translate complex datasets into actionable, production-grade models that enable financial risk quantification at scale.

The ideal candidate should also have a working knowledge of modern cybersecurity practices and adversary behavior (e.g., MITRE ATT&CK), and a passion for turning complex data into actionable insights.

In this role, you’ll get to...

    • Model Development: Lead design and implementation of probabilistic and statistical models for loss magnitude, frequency, and attack path likelihood
    • Data Leadership: Expand and curate ThreatConnect’s risk data sets, including loss event data, CVE data (KEV, EPSS), MITRE ATT&CK coverage, control posture data, and third-party risk data
    • Player-Coach: Mentor a team of data scientists while remaining hands-on with modeling, code reviews, and experimentation
    • Cross-Functional Collaboration: Partner with Product, Engineering, and Threat Intelligence teams to operationalize models in RQ
    • Innovation: Research and apply advanced methods (Bayesian modeling, ML techniques) to continuously improve prediction accuracy and coverage
    • Quality & Governance: Ensure model transparency, explainability, and defensibility for customer and regulatory review. Lead the development of algorithmic models for CRQ, including threat likelihood, loss magnitude, control efficacy, and scenario simulation
    • AI: Guide the implementation of AI-enhanced modeling (e.g., LLMs, pattern mining) to support automation of risk scenario development and decision support

In the first month, we’ll expect you to...

    • Get up to speed on RQ’s current modeling architecture and data sets
    • Meet with Product teams to understand roadmap priorities and customer needs
    • Review and document the current loss and attack model coverage and gaps

At 3 months we’ll expect you to...

    • Deliver a prioritized roadmap for model improvements and new datasets to onboard
    • Stand up team operating rhythm (standups, backlog grooming, code review practices)
    • Deliver quick wins: Improved loss data normalization, updated attack-path models for top ATT&CK techniques

At 6 months we’ll expect you to...

    • Release at least one new or improved model into production (e.g., ransomware loss distribution, control effectiveness model)
    • Onboard additional data sources (loss event feeds, industry benchmarks, third-party telemetry)
    • Document model assumptions and publish an internal “Model Handbook” for transparency

At 12 months we’ll expect you to...

    • Establish repeatable pipelines for model training, validation, and deployment
    • Expand team capabilities (hire additional data scientists or analysts as needed)
    • Deliver measurable improvements to RQ outputs (accuracy, coverage, speed)
    • Present results to leadership, highlighting the ROI of improved models and datasets

Required Qualifications

    • 7+ years of experience in applied data science, quantitative modeling, or algorithm development
    • Strong understanding of cybersecurity principles, threat actor behavior, or risk frameworks (e.g., NIST CSF, MITRE ATT&CK, FAIR)
    • Proven ability to build and deploy risk or predictive models in enterprise environments
    • Proficiency in Python and familiarity with modeling libraries (e.g., NumPy, PyMC3, scikit-learn)
    • Experience with Git, Jira, and modern ML ops pipelines
    • Strong communication and storytelling skills for technical and non-technical audiences

Desired Qualifications

    • Experience building CRQ models in alignment with FAIR or related frameworks
    • Familiarity with simulating attack paths, graph-based reasoning, or control validation
    • PhD or advanced degree in data science, computer science, engineering, or related field
    • Experience with integrating models into SaaS platforms or cloud-native environments
    • Background in red/blue teaming, SOC data, or adversary emulation is a plus
Research shows that while men apply to jobs when they meet about 60% of job criteria, women and individuals from marginalized groups tend to apply only when they check every box. If you think you have what it takes but you’re not sure that you check every box, apply anyway!
Apply for this job

ThreatConnect Home Page

Jobs powered by Lever logo