Threat Intelligence Analyst

Intaso

United States
Remote position
Posted 3 hours ago

Description

Threat Intelligence Analyst - Full Time - Permanent

  • Location: Remote (U.S.-based), ideally East Coast
  • Citizenship Requirement: U.S. Citizen (ability to meet eligibility requirements for U.S. government security clearance; current clearance not required).

About the Role

We are looking for an experienced Threat Intelligence Analyst to join our client's growing team. In this role, you'll deliver high-impact insights to our customers by analysing cyber threats and malicious activity across a wide range of attack types, including data leaks, underground criminal forums, phishing campaigns, scams, and more.

You'll work as part of their Threat Research and Product Strategy team, collaborating closely with colleagues across multiple time zones and departments to help protect customers from emerging threats.

What You'll Do:

  • Identify and assess potential cyber threats, evaluate risk levels, and develop reports tailored to diverse customer audiences.
  • Conduct technical research using internal intelligence platforms, open-source tools, and attack data such as source code and metadata.
  • Analyse adversary tactics, techniques, and procedures (TTPs) to provide deep context on active threats.
  • Serve as a technical point of contact for strategic customers, particularly in North America.
  • Respond to complex customer inquiries regarding active threats, contributing insights and analysis to ongoing investigations.
  • Monitor global cybercrime trends and identify how threat actors exploit real-world events.
  • Produce strategic and tactical intelligence reports covering threats, trends, and patterns.
  • Collaborate with internal teams to enhance detection capabilities and mitigation strategies for current and emerging threats.
  • Create and contribute to technical content, including whitepapers, blog posts, and customer briefings.

What We're Looking For:

  • Proven experience collecting, analysing, and reporting on threat intelligence data.
  • Strong knowledge of deep and dark web ecosystems, including monitoring forums, marketplaces, and underground communities.
  • Ability to distil complex technical information into clear insights for both technical and executive audiences.
  • Proficiency in large-scale data analysis using tools like SQL, spreadsheets, and command-line utilities.
  • Hands-on experience with threat hunting, code analysis, and dissecting online threats.
  • Deep technical understanding of internet protocols and technologies (e.g., TCP/IP, DNS, HTTP, TLS, SMTP, JavaScript, Tor, blockchain).
  • Familiarity with the internet infrastructure ecosystem, including CDNs, domain registrars, hosting providers, and cloud services.
  • Strong organizational and problem-solving skills with a proactive mindset.
  • Excellent communication skills, including top-tier written English.
  • Willingness to continuously learn and adapt to new challenges.
  • Ability to meet eligibility requirements for U.S. government security clearance (current clearance not required).

Bonus Points For:

  • Fluency in additional languages.
  • Knowledge of the MITRE ATT&CK framework and common attacker TTPs.
  • Experience with malware analysis and network traffic analysis.
  • Programming skills in languages such as Python, Node.js, Perl, PHP, etc.
  • Broader software development experience (backend or frontend).
  • Relevant academic qualifications.
  • Public speaking experience.
  • Published work on cybersecurity topics, such as blog posts or articles.

Why Join?

  • Collaborate with a talented, global team working to tackle real-world cyber threats.
  • Flexible remote work options within the U.S.
  • Opportunities for career growth and technical development.
  • Make a meaningful impact protecting organizations from online threats.