Threat Intelligence Analyst - Operational Outcomes
As a threat researcher for Insikt Group’s Operational Outcomes team, you’ll perform technical analysis alongside our highly skilled members and assist with research on cybercriminal and APT activities. This role supports client-driven finished intelligence reports on technical topics including analysis of malicious tools, infrastructure profiling, and threat actor TTPs. Previous research experience is required.
What You’ll Do as a Threat Intelligence Analyst:
- The primary function of this role is to perform technical threat intelligence research and analysis to respond to client requests for written reports regarding their high priority issues
- Develop network and host-based detection rules such as SNORT and YARA to detect APT or cybercriminal campaigns
- Support other threat intelligence analysts by analyzing malware associated with advanced threat actors to develop insights into actor infrastructure, tooling, and targeting
- Perform network analysis of malicious infrastructure
- Stay on top of developments within the malware landscape and track key developments by following publications, blogs, and mailing lists
What You’ll Bring (Required):
- BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field
- 3+ years of experience in Information Security and/or Threat Intelligence
- Experience conducting technical threat analysis and research
- Experience writing network and endpoint signature detections using SNORT and YARA
- Scripting experience in Python, Go, Powershell, or Bash
- Knowledge of Windows operating system internals and the Windows API
- Knowledge of TCP/IP and other networking protocols
- Familiarity with analytic tradecraft, intelligence analysis and writing techniques and methodologies
- Excellent written and verbal communication; ability to convey complex technical and non-technical concepts
Highly Desirable Skills/Experience (not required):
- MA/MS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field
- Programming experience in C, C++ or Java
- Experience with Windows, iOS, Android, MacOS or malware analysis
- Experience working directly with clients
- Knowledge of open source intelligence gathering tools and techniques
Why should you join Recorded Future?
From over 35 nationalities, our Futurists are the perfect recipe of humility, accountability, and collaborative attitudes. Our dedication to empowering clients with elite intelligence to disrupt adversaries has earned us a 4.7-star user rating from Gartner and 8 of the top 10 Fortune 100 companies as clients.
Want more info?
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles. By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.
Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.
Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.