Senior Cyber Threat Intelligence Analyst
SecurityScorecard is an industry-leading cybersecurity company backed by Google, Sequoia, and Riverwood. Our mission is to make the world a safer place. We measure your and your vendors' cyber-health by assigning a security rating of A through F based on outside-in, non-intrusive data. Our Comprehensive security ratings, advanced data analytics, and actionable insights discover Third-Party Vulnerabilities & Security Gaps In Real-Time.
Headquartered in NYC with over 200+ employees globally, raised over USD 110M, used by 1,000+ enterprise customers, and rating 1.5 million companies. We have created a new category of enterprise software, and our culture has helped us be recognized as one of the 10 hottest SaaS startups in NY for two years in a row.
Our vision is to create a new language for companies and their partners to communicate, understand, and improve each other’s security posture.
About the team
The investigations & analysis team is at the forefront of tracking and identifying advanced cyber threat campaigns (criminal and nation-state). This team is responsible for collecting and analyzing intelligence at scale and translating that intelligence into actionable insight, data signals that will feed the SecurityScordcard platform. The team will also act as subject matter experts for advanced threats in blogs, research, and conferences.
What you will do
As a Senior Intelligence Analyst, you will be required to perform all-source intelligence analysis to support collection requirements. You will be part of the investigations & analysis team, focusing on advanced threats and translating those threats into actionable insight. The role focuses on tracking cyber threat campaigns and translating actor Technique, Tactics & Procedures (TTP) into actionable signals. The team is a diverse set of individuals supporting the intelligence mission of SecurityScoreCard; you will be results-oriented, has strong attention to detail, and an overall team player.
- Conduct investigations into the nation-state and organized cyber-criminal activity with a focus on identifying new types of signals
- Assess the capabilities of threat actors and identify new methods for tracking and identification of new activity through Open Source and Private Source intelligence feeds
- Translate actor TTP into actionable insight (novel signals) that drive continuous product improvements
- Work with leadership to define intelligence requirements and collaborate with the Signals Collection team to implement collections automation
- You will also work with the Data Science team to come up with new ways of identifying new threat activity across the platform
- 5 years experience with cyber threat intelligence
- Experience in the tracking nation-state and cyber-criminal groups
- Working knowledge of malware, vulnerabilities, exploits, and networking protocols
- Familiar with the MITRE AT&CK framework
- Knowledge of intelligence industry standards (intelligence life cycle, analysis of competing hypothesis, diamond model)
- Top Secret clearance or the ability to get and maintain one
- Working knowledge of the intelligence community
- Published work or presented at conferences
- Strong analytical and problem-solving skills
- Must be able to thrive in a fast-past environment
- Strong written and verbal communication skills
We offer a competitive salary, stock options, a comprehensive benefits package, including health and dental insurance, unlimited PTO, parental leave, tuition reimbursements, and much more!
SecurityScorecard embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skillsets, ideas, and perspectives. We make hiring decisions based upon merit and do not discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.