Threat Hunter - Security Operations Expert
Red Cell Partners
Full Time
Senior (5 to 8 years)
Candidates should possess a BA/BS or equivalent experience in a relevant field such as Computer Science or Information Security, with a preference for 5+ years of experience in Information Security or Threat Intelligence. Required skills include demonstrated technical threat analysis and research experience, in-depth knowledge of TCP/IP and networking protocols, capability in infrastructure tracking via banner analysis and metadata correlation, experience with static and dynamic malware analysis, proficiency in scripting languages like Python, and familiarity with CTI research tools. Additionally, proven experience applying structured analytical techniques and intelligence methodologies, familiarity with threat modeling frameworks like MITRE ATT&CK, a detailed understanding of APT groups' activities and TTPs, and experience with open-source intelligence-gathering tools are necessary.
The Senior Threat Intelligence Analyst will lead efforts to track state-sponsored APT campaigns, mentor peers in intrusion analysis, and represent the company externally. Responsibilities include conducting proactive research on APT activity by synthesizing technical datasets, establishing methods to track APT campaigns using network and malware analysis, hunting for threat actor infrastructure across diverse data sources, and identifying/prioritizing detection mechanisms. The role also involves evaluating and improving threat intelligence workflows, staying updated on evolving APT tradecraft, collaborating with geopolitical teams, proposing new data sources and analytical methods, supporting customer intelligence needs, and collaborating with engineering and data science teams to integrate data and analytics into the platform.
Provides machine-readable threat intelligence solutions
Recorded Future provides threat intelligence in the cybersecurity industry by gathering and analyzing information about potential threats to organizations. Their intelligence is delivered in a machine-readable format, making it easy for clients like threat analysts and security teams to integrate with their existing systems. Unlike competitors, Recorded Future focuses on partnerships with Value Added Resellers (VARs) to enhance their offerings and provide comprehensive support. The company's goal is to help organizations lower the risk of cyber attacks through effective threat intelligence.