The Opportunity
We are looking for an investigative Threat Intelligence Analyst to join our Cybersecurity team. You will be responsible for identifying, evaluating, and communicating threats to our organization. Your primary mission is to turn the "noise" of the global threat landscape into clear, actionable intelligence that our Security Operations Center (SOC) and leadership can use to protect our customers. You will also be instrumental in building and developing our threat intelligence program, collaborating with various security functions, and proactively identifying and helping to mitigate risks.
Core Responsibilities
- The Intelligence Cycle: Support all phases of the intelligence lifecycle - planning, collection, analysis, production, and dissemination - under the guidance of senior analysts.
- Adversary Research: Research known threat actors and groups, mapping observed Tactics, Techniques, and Procedures (TTPs) to the MITRE ATT&CK framework to help identify potential gaps in current defenses.
- Threat Landscape Monitoring: Monitor open sources, industry feeds, and relevant forums to contribute to "big picture" reporting on how the threat environment is evolving.
- Tactical Support: Collect and help validate technical Indicators of Compromise (IOCs) from malware reports and OSINT sources to support blocklist hygiene and reduce noise.
- Threat Intelligence Collection: Proactively research and collect threat intelligence from open-source intelligence (OSINT), commercial feeds, and internal security data.
- Reporting: Assist in producing written reports, including Flash Alerts for urgent threats and contributions to monthly blogs or executive summaries.
- Vulnerability Intelligence: Monitor vulnerability disclosures and exploit trends, surfacing relevant findings for review and escalation.
- Cross-Functional Collaboration: Work alongside technical teams (e.g., Incident Response, SOC) and help communicate threat findings to non-technical stakeholders in plain language.
Required Qualifications
- Experience: 2-4 years of experience in cybersecurity, with at least 1-2 years in a threat intelligence, SOC, or closely related role.
- Knowledge: Working familiarity with the Intelligence Cycle and common threat frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain, Pyramid of Pain).
- Research Skills: Hands-on experience with OSINT tools and techniques (e.g., Shodan, VirusTotal, WHOIS).
- Communication: Strong writing skills with the ability to summarize threats in a clear, business-relevant way.
- Analytical Mindset: Awareness of structured analytic techniques and a commitment to objective, evidence-based assessments.
Technical Skills & Tools
- TIP: Exposure to or willingness to learn Threat Intelligence Platforms (e.g., ThreatConnect, OpenCTI).
- SIEM: Basic familiarity with SIEM systems and log-based investigation.
- Standard Formats: Awareness of STIX/TAXII protocols for threat intelligence sharing.
- Malware Literacy: Ability to read a sandbox report and extract basic indicators such as C2 infrastructure.
- Scripting: Exposure to Python or similar scripting for basic data tasks is a plus.
The Ideal Candidate
- Holds or is actively pursuing a relevant certification (e.g., CompTIA Security+, BTL1, or working toward GCTI).
- Curious by nature - you don't just flag a malicious IP, you want to understand who is behind it and why.
- Follows security researchers and threat intel communities online to stay current on emerging threats and zero-day disclosures.
- Stays composed and methodical when supporting the team during active security incidents.
- Eager to grow into deeper adversary profiling, dark web research, and advanced analytic tradecraft over time.