Threat Intelligence Analyst
Vultr
Full Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
Candidates should have a BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field. Preferably 5+ years of experience in Information Security and/or Threat Intelligence is required, along with demonstrated experience in technical threat analysis and research. In-depth knowledge of TCP/IP and relevant networking protocols, capability in identifying and tracking infrastructure through methods like banner analysis and metadata correlation, and experience with static and dynamic malware analysis are essential. Proficiency in scripting (Python preferred) and fluency with common CTI research tools such as Maltego, Jupyter Notebook, and the Elastic Stack are necessary. Proven experience applying structured analytical techniques and intelligence methodologies, familiarity with threat modeling and adversary tracking frameworks like MITRE ATT&CK, and a detailed understanding of existing APT groups’ past activities, TTPs, motivations, and targeting patterns are also required. Experience with open-source intelligence-gathering tools and techniques is needed.
The Senior Threat Intelligence Analyst will lead efforts to track state-sponsored APT campaigns, mentor peers in intrusion analysis, and represent Insikt Group externally. Responsibilities include conducting proactive research on state-sponsored APT activity, establishing and refining methods to track APT campaigns, and hunting for threat actor infrastructure and activity across diverse technical data sources. The role involves identifying, prioritizing, and deploying detection mechanisms for command-and-control infrastructure, malware families, and threat groups. Continuously evaluating and improving threat intelligence workflows, staying up to date on evolving APT tradecraft, and mentoring colleagues on intrusion analysis tradecraft and threat intelligence best practices are key duties. Collaboration with geopolitical and regional analysis teams, proposing and evaluating new data sources and analytical methods, and representing Insikt Group externally as a subject matter expert are also part of the role. Additionally, the analyst will collaborate with engineering and data science teams to ensure effective integration of relevant data and analytics into the Recorded Future platform and support customer intelligence needs through Recorded Future’s Analyst-on-Demand service.
Provides machine-readable threat intelligence solutions
Recorded Future provides threat intelligence in the cybersecurity industry by gathering and analyzing information about potential threats to organizations. Their intelligence is delivered in a machine-readable format, making it easy for clients like threat analysts and security teams to integrate with their existing systems. Unlike competitors, Recorded Future focuses on partnerships with Value Added Resellers (VARs) to enhance their offerings and provide comprehensive support. The company's goal is to help organizations lower the risk of cyber attacks through effective threat intelligence.