Senior Threat Intelligence Analyst

This Role: As a Threat Intelligence Analyst for Insikt Group’s Strategic and Persistent Threats team, you will contribute to APT campaign tracking initiatives and support Recorded Future clients in the fulfillment of their intelligence requirements via our Analyst on Demand service. This role supports both client-driven finished intelligence reports on cyber espionage-related topics, as well as internally-driven research and monitoring efforts into threat actor infrastructure, tools, and TTPs. Your research will be largely focused on threats emanating from North Korea.

What You’ll Do as a Senior Threat Intelligence Analyst: 

• Support the fulfillment of client priority intelligence requirements via Recorded Future’s Analyst on Demand service
• Synthesize multiple technical datasets to derive novel insights and reporting related to North Korean APT activity
• Establish methods of tracking North Korean APT campaigns using a combination of network, intrusion, and malware analysis skills
• Identify new datasets to ingest and propose new analytics which can be developed to improve and/or automate portions of the intelligence cycle
• Serve as a subject matter expert on North Korean state-sponsored threat activity
• Work with the Operational Outcomes team to identify, prioritize, and deploy various detection mechanisms for malware families and threat actor groups of interest
• Stay on top of developments within the APT threat landscape and track key developments by following publications, blogs, and mailing lists

What You’ll Bring to the Senior Threat Intelligence Analyst role (Required):

• BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field
• 5+ years of experience in Information Security and/or Threat Intelligence
• Demonstrable experience conducting technical threat analysis and research
• Knowledge of TCP/IP and other networking protocols
• Hands-on experience with structured analytical techniques, the intelligence cycle, and intelligence writing techniques and methodologies
• Experience clustering and tracking multiple state-sponsored activity groups using techniques such as the Diamond Model of Intrusion Analysis
• Experience helping to develop intelligence requirements
• Experience working directly with clients
• Knowledge of open source intelligence gathering tools and techniques
• Excellent written and verbal communication; ability to convey complex technical and non-technical concepts
• Excellent interpersonal and teamwork skills; ability to work with globally distributed team members

Highly Desirable Skills/Experience (not required):

• MA/MS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field
• Experience writing network and endpoint signature detections using SNORT and YARA
• Programming experience in Python, C, C++, or Java
• Familiarity with platforms such as MISP, Kibana, Maltego, and ElasticSearch
• Experience with Windows, iOS, Android, MacOS or malware analysis
• Proficiency in a high priority foreign language: preference for Korean or Japanese. Other Asian languages are also desirable.

Why should you join Recorded Future?
With over 700 employees, $200M ARR, 1,000 clients, and rapid year-over-year growth, Recorded Future is the world’s largest privately-held security intelligence company! Recorded Future employees (or “Futurists”), represent over 35 nationalities and embody our core values of being passionate, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.7-star user rating from Gartner and 8 of the top 10 Fortune 100 companies as clients.

Want more info? 
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles.  By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.

If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at careers@recordedfuture.com 

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.