Cyber Threat Intelligence Analyst

Our IT organization isn’t just here to support our business. We’re here to reinvent it – by changing how our customers, partners, and employees interact with our company. To do that, we’re looking for people who bring great ideas and improve our partners’ ideas. Intellectually curious advisors (not order takers) who focus on outcomes to creatively solve business problems. People who not only embrace change but who accelerate it.

Job Description

Our company, a global and dynamic technology enterprise, is a prime target for various malicious actors, from internal threats to opportunistic and highly persistent attackers. The Cyber Threat Intelligence (CTI) team plays a critical, central role in our global cybersecurity program, ensuring the smooth and timely operations of essential components like threat hunting and incident response.

Are you experienced in the full lifecycle of intelligence—collecting, analyzing, and disseminating finished intelligence? Have you collaborated effectively with security operations, leadership, and other key stakeholders?

If you are a team player excited by identifying trends, patterns, and emerging cyber threats, the CTI Analyst role is an excellent opportunity for you. This position offers a unique chance to leverage your knowledge and experience to significantly impact a global enterprise's security posture and decision-making. We are looking for a candidate who is comfortable and eager to provide senior leadership with timely cyber intelligence and share information that increases our critical understanding of the cyber threat landscape.

Responsibilities:

• Track emerging geopolitical events and related cyber threats by monitoring and analyzing OSINT, government advisories, and CTI vendor reports.

• Analyze global geopolitical trends to assess risks to the company's worldwide R&D, operations, supply chain, and customer base.

• Monitor and analyze the global threat landscape against tactical communications. 

• Proactively analyze geopolitical developments affecting the defense supply chain.

• Conduct research on Advanced Persistent Threat (APT)/nation-state actors, including their motivations and the Tactics, Techniques, and Procedures (TTPs) they employ.

• Correlate collected intelligence to continuously enhance and build upon the existing knowledge base of tracked threat activity.

• Perform ad-hoc OSINT and Social Media Intelligence (SOCMINT) investigations as required.

• Develop and contribute to strategic intelligence products, which include:

  • All-source intelligence reports supporting incident response, detection engineering, and threat hunting efforts.

  • Executive-level geopolitical threat summaries.

  • Ad-hoc analytic reports on critical specific events (e.g., conflicts, sanctions, elections).

  • Detailed threat actor profiles.

• Prepare and deliver executive-level threat briefings.

• Develop playbooks for effective utilization within the Threat Intelligence Platform (TIP).

• Formulate and recommend network defense strategies and actions to counter adversary activity.

• Provide direct support to the Incident Response (IR) team during active investigations.

• Assist in tracking and mitigating threats specifically targeting the specialized technologies manufactured by the company.

Skills and attributes for success:

• The role requires a dual focus: 

  • Targeted and Geopolitical Threat Intelligence (30-40% of time): Concentrating on specific, geopolitically relevant threats.

  • General Threat Intelligence (60-70% of time): Supporting both Enterprise Information Security (EIS) and the company's Products and Services.

• Possess strong critical thinking skills with the ability to connect seemingly disparate pieces of information to form cohesive, predictive assessments. 

  • Must have a genuine passion for both international affairs and cybersecurity, driven by a desire to understand the "why" behind events.

• Ability to write clearly and concisely. 

  • Must be able to translate complex geopolitical and technical concepts into easily understood business terms for a non-technical audience.

• Self-driven, creative, and capable of operating independently. 

  • Ability to manage and prioritize multiple tasks in a fast-paced environment, which may include non-standard work hours in response to Information Security incidents.

• A strong team player who is eager to learn, open to feedback, and willing to support the team's broader mission.

Basic Requirements

Requirements:

•  Bachelor’s degree in Cybersecurity, Computer Science, IT, or a related field.

• 3+ years of experience in intelligence (public or private sector), Cyber Threat Intel (CTI), or a related field (internships and co-ops are valid experience).

• Must be able to speak/read/write in English with Full Professional Proficiency. 

• Demonstrable foundational knowledge of the cyber threat landscape (key terminology like APT, TTPs, malware, phishing) and the intelligence lifecycle.

• Proven research and analysis skills using open-source methods (OSINT).

• Proven ability to gather, analyze, and interpret threat intelligence data from multiple sources.

  • Strength in identifying and extracting pertinent Indicators of Compromise (IOCs) from reporting and providing them to operational teams.

  • Writing sample (e.g., a university research paper, a sample analytic report) will be required during the interview process.

• Experience with OSINT and SOCMINT investigations. 

Desired:

• Bachelor’s degree in International Relations, Political Science, Security Studies, Intelligence Studies, or a related field.

  • OR a Bachelor’s degree in Cybersecurity, Computer Science, IT, or a related field.

• Industry certifications related to CTI, Pen Testing, Forensics, Networking, or Security (such as GCTI, GCIH, GCFE, GCFA, ATT&CK CT, Security+, Network+, etc.)

• Experience in programming or scripting (Python, SQL, PHP, PowerShell).

• Language proficiency certification (such as TOEFL/ACTFL/DLPT).

• Strength in uncovering relationships or trends using Maltego or other graphical link analysis tools to discover hidden relationships between IoCs.

• Experience with threat hunting for both indicator-based hunting (known threats) and hypothesis-driven hunting (unknown threats) through log analysis.

• Proficiency in a foreign language.