Threat Hunter - Security Operations Expert
Red Cell Partners
Full Time
Senior (5 to 8 years)
Candidates should possess a BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field. They should have at least 5 years of experience in Information Security and/or Threat Intelligence, with demonstrated experience in technical threat analysis and research. In-depth knowledge of TCP/IP and other networking protocols, proficiency in scripting languages like Python, and familiarity with CTI research tools such as Maltego and the Elastic Stack are required. Experience applying structured analytical techniques, intelligence methodologies, threat modeling frameworks like MITRE ATT&CK, and knowledge of APT groups' activities, TTPs, motivations, and targeting patterns are essential. Experience with open-source intelligence-gathering tools is also necessary.
The Senior Threat Intelligence Analyst will lead efforts to track state-sponsored APT campaigns, mentor peers in intrusion analysis, and represent Recorded Future externally. Responsibilities include conducting proactive research on state-sponsored APT activity, synthesizing technical datasets, and producing high-impact client-driven intelligence, with a focus on Iranian APTs. They will establish and refine methods to track APT campaigns, hunt for threat actor infrastructure, identify and prioritize detection mechanisms, and continuously evaluate and improve threat intelligence workflows. The role also involves staying updated on APT tradecraft, collaborating with geopolitical and regional analysis teams, proposing new data sources and analytical methods, and supporting customer intelligence needs through the Analyst-on-Demand service.
Provides machine-readable threat intelligence solutions
Recorded Future provides threat intelligence in the cybersecurity industry by gathering and analyzing information about potential threats to organizations. Their intelligence is delivered in a machine-readable format, making it easy for clients like threat analysts and security teams to integrate with their existing systems. Unlike competitors, Recorded Future focuses on partnerships with Value Added Resellers (VARs) to enhance their offerings and provide comprehensive support. The company's goal is to help organizations lower the risk of cyber attacks through effective threat intelligence.