TRM Labs
Business Recruiter
NewSecurity
TRM Labs provides AI-powered intelligence solutions that help public and private sector agencies investigate and disrupt crime. TRM's platforms enable investigators to trace illicit activity, build cases, and construct operating pictures of threat networks. Leading agencies and businesses worldwide rely on TRM to make the world safer and more secure.
Sector Engagement Leads own the relationships that drive our mission forward. You will be the primary point of contact for dozens of organizations in your sector, selected from the hundreds of critical-infrastructure entities we serve. Your mandate: earn their trust, ensure they are operational on our platform, and translate complex threat intelligence into immediate defensive actions. This is a builder's role. We are looking for leaders who can solve high-stakes problems and scale a critical function from a standing start. If you are energized by delivering real-world impact in under-resourced environments, this is your team.
The impact you will have
Execute sector-wide engagement. Own the end-to-end adoption and defensive outcomes for your portfolio of SLTT and critical-infrastructure entities.
Accelerate operational capability. Partner with Solutions Engineering to move entities from provisioning to active operation on TRM's platform through agentic CTI/IR workflows.
Operationalize intelligence. Convert sector threat activity and entity findings into prioritized, plain-language guidance that small teams can act on immediately.
Strengthen the ecosystem. Build durable partnerships with fusion centers, sector ISACs (Health-ISAC, WaterISAC, MS-ISAC), CISA, and law enforcement to amplify collective defense.
Drive the feedback loop. Identify sector patterns for the Threat Intelligence team and advocate for the field's needs in product and program strategy.
Scale the model. Define engagement playbooks, success metrics, and onboarding standards as the program expands.
Advocate for your sector. Represent your community's interests to TRM leadership and external government stakeholders.
What we're looking for
8+ years of relevant experience. Proven track record in public sector security, critical-infrastructure defense, or customer-facing technical roles, specifically earning trust with resource-constrained stakeholders.
Sector authority. You have deep credibility in your focus area. You understand how these organizations operate and why generic security guidance fails.
CTI fluency. Ability to analyze threat intelligence, determine what is critical, and translate it into a tactical plan for an operational team.
Bias toward action. You anticipate roadblocks and drive outcomes independently. You frame work in short, aggressive timelines and iterate rapidly.
Strategic clarity. You resolve ambiguity for diverse audiences: entity operators, government partners, and internal teams.
Bias to action / TRM Speed. You frame work in short, real timelines, run fast learning loops, and move when the plan stops working.
Mission commitment. You are motivated by protecting essential services and exercising sound judgment in sensitive government contexts.
Location. This is a US-based remote role, with a preference for the Washington, DC metro area for proximity to government stakeholders.
Onsite meetings & events. Expect periodic in-person meetings with government and entity stakeholders, and to serve as TRM's on-the-ground presence at select cyber threat intelligence (CTI) and critical-infrastructure (CI) events and conferences. Travel is estimated at ~25–40%.
On-call & first response. You'll help build and share an on-call rotation with teammates, taking turns as first responder for your cohort when an entity is in an active incident.
Working hours. Maintain meaningful overlap with U.S. business hours for stakeholder collaboration, and be reachable during active incidents per the on-call schedule.
Nice to have
Former practitioner in your sector (e.g., hospital, utility, county/city, or district security or operations leadership).
Active relationships with the relevant sector ISAC, fusion centers, CISA regional advisors, or relevant law enforcement.
Experience standing up or running a collective-defense, SLTT, or public-private security program.
Familiarity with ransomware tradecraft, incident response, and the value of cryptocurrency/payment tracing.
OT/ICS experience (especially for the Water & Critical Infrastructure focus).
Experience operating in fast-moving, ambiguous, standing-start environments.
What success looks like
Your cohort is fully operational and actively using TRM capabilities to defend their environments.
Entities have taken documented defensive actions based on your guidance, resulting in incident avoidance or containment.
You are the first-call partner for your entities, sector ISACs, and fusion centers.
You have established the engagement playbook and success metrics that define the future of the program.
Every entity in your cohort is onboarded onto the platform and actively using the workflows, with ≥80% active month over month.
A measurable, quarter-over-quarter drop in your cohort's internet-exposed and known-exploited (KEV) vulnerabilities.
Median time from onboarding to an entity's first independent, unaided use of a workflow under 14 days.
Tailored, plain-language advisories delivered to your entities with documented action taken on the highest-severity items (delivered and acted on).
An active sector peer community where a lesson learned at one entity is adopted across the cohort.
Every entity reaches "measurable defensive use," contributing to the program's sector coverage goals.
About the team
This team is dedicated to cybercrime and SLTT-resilience. Our goal is to provide real defensive capability to the country's most under-resourced organizations: rural hospitals, water utilities, and school districts. We achieve this by putting the Orion platform and agentic threat-intelligence workflows directly into their hands. We measure success by problems resolved, not alerts sent. For us, an alert is not an outcome.
We are building a safer world. That promise shows up in how we work every day.
TRM moves quickly. We are a high velocity, high ownership team that expects clarity, follow-through, and impact. People who thrive here are energized by hard problems, experimentation, and continuous feedback. If something takes months elsewhere, it will ship here in days.
Our work sits at the intersection of AI, national security, and fighting crime. The problems are complex, the stakes are real, and the environment evolves quickly. The pace and intensity of the work reflect the importance of the mission. As a result, the way we operate requires a high level of ownership, adaptability, collaboration, and creative problem-solving.
At TRM, you should expect:
Priorities and targets to change quickly as we experiment and iterate
Work that often requires operating with a high degree of ambiguity
A high level of personal ownership and accountability
Close collaboration across teams and functions
Frequent, high-touch communication
Creative problem solving and out-of-the-box thinking
A pace that rewards urgency, adaptability, and outcomes
This environment is energizing for people who enjoy building, solving hard problems, and making progress in situations that are not always fully defined. It also requires comfort navigating ambiguity, adjusting course as new information emerges, and maintaining focus and positivity in a fast-moving and intense environment.
We also recognize that this style of operating is not for everyone. If you are primarily optimizing for predictability or a consistently balanced workload, we encourage you to use the interview process to pressure test whether this environment is truly the right fit. We want teammates who thrive here, not just survive here.
At the same time, many people find this work deeply rewarding. If you are excited by meaningful problems, motivated by ambitious goals, and energized by working alongside mission-driven colleagues, there is a good chance you will find TRM to be an exceptional place to grow and contribute. Learn more: Interviewing at TRM: How We Hire and What Success Looks Like
AI fluency is a baseline expectation at TRM.
We believe AI meaningfully changes how top performers operate. We expect every team member to use AI to accelerate and reimagine their craft, not just automate surface tasks.
At TRM, AI fluency means you are among the top 10 percent of operators in your function in how you apply AI to:
Accelerate repeatable workflows
Structure and solve problems
Improve output quality
Increase speed and leverage
You will be evaluated on applied AI fluency during the interview process.
We hire and grow against three leadership principles. They’re the standards for how we operate, treat each other, and make decisions.
Impact-Oriented Trailblazer: We put customers first and move with speed, focus, and adaptability. We treat every plan like an experiment – test, ship, measure, and iterate quickly.
Master Craftsperson: We care deeply about our craft. We balance speed with high standards, own outcomes end‑to‑end, and invest in getting better everyday.
Inspiring Colleague: We add clarity and energy, not noise. We bring humility, candor, and a one‑team mindset — giving and receiving feedback to make the team stronger.
At TRM we care deeply about our craft. We are looking for individuals who want their work to matter, who experiment with speed and rigor, and who take pride in building a safer world for billions of people. If you’re excited by TRM’s mission but don’t check every box, we encourage you to apply — we hire for slope, judgment, and the will to learn fast.
TRM is a Series C company with $220M in total funding, backed by Blockchain Capital, Goldman Sachs, Bessemer, Y Combinator, Thoma Bravo, and others. Headquartered in San Francisco, TRM operates as a distributed-first company with hubs in Los Angeles, San Francisco, New York, Washington D.C., London, and Singapore.
By submitting your application, you agree to allow TRM Labs to process your personal information in accordance with our Privacy Policy.
We collect the information you provide (such as your resume, work history, and contact details) solely for the purpose of evaluating your candidacy for current and future roles at TRM.
Because our hiring cycles for certain positions may span 24 to 36 months, we retain your personal information for up to 36 months from the date of your application. After that period, your data is deleted unless a different retention period is required or permitted by law.
If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with applicable data protection laws, you have the right to access, correct, or request deletion of your personal data at any time before that period ends. To exercise any of these rights, contact us at privacy@trmlabs.com.
To notify TRM Labs that you believe this job posting is non-compliant, please submit a report through this form. No response will be provided to inquiries unrelated to job posting compliance.
The use of AI tools of any kind (including but not limited to notetakers, interview assistants, and real-time coaching tools such as Otter.ai, Fireflies, Fathom, Cluey, or similar) during TRM interviews is not permitted without prior approval from TRM. TRM uses its own internal tools for note-taking to ensure a consistent and confidential experience for all candidates.
We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this form.
TRM Labs does not accept unsolicited agency resumes. Please do not forward resumes to TRM employees. TRM Labs is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company without a signed agreement.