Find your next cybersecurity opportunity


Senior Threat Intelligence Analyst

Recorded Future

Recorded Future

Boston, MA, USA
Posted on Friday, August 25, 2023

With 1,000 employees, over $250M in sales, 1,500+ clients, and rapid year-over-year growth, Recorded Future is the world’s most advanced, and largest, intelligence company!

This Role: As a threat researcher for Insikt Group’s Strategic and Persistent Threats team, you will contribute to APT campaign tracking initiatives, support our Analyst on Demand service, mentor your colleagues on all things intrusion analysis, and represent Insikt Group’s research externally. This role supports both client-driven finished intelligence reports on cyber espionage-related topics, as well as internally-driven research and monitoring efforts into threat actor infrastructure, tools, and TTPs. Your research will be focused on state-sponsored cyber threats emanating from Russia.

What You’ll Do Sr Threat Intelligence Analyst:

  • Synthesize multiple technical datasets to derive novel insights and reporting related to Russian state-sponsored APT activity;
  • Establish methods of tracking APT campaigns using a combination of network, intrusion, and malware analysis skills;
  • Hunt for threat actor activity in multiple technical datasets;
  • Support the fulfillment of client priority intelligence requirements via Recorded Future’s Analyst on Demand service;
  • Mentor your colleagues on intrusion analysis and threat intelligence best practices;
  • Identify new datasets to ingest and propose new analytics which can be developed to improve and/or automate portions of the intelligence cycle;
  • Serve as a subject matter expert on Russian state-sponsored threat activity to customers and/or the public via media engagements;
  • Drive prioritization, development, and deployment of network signatures to detect activity from malware families of interest;
  • Stay on top of developments within the APT threat landscape and track key developments by following publications, blogs, and industry trust groups;
  • Work with engineering and data science teams to ensure relevant data and analytics are designed, developed, and deployed properly in the Recorded Future platform.

What You’ll Bring as Sr Threat Intelligence Analyst (Required):

  • BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field
  • 5+ years of experience in Information Security and/or Threat Intelligence
  • Demonstrable experience conducting technical threat analysis and research
  • Demonstrable experience with structured analytical techniques, the intelligence cycle, and intelligence writing techniques and methodologies
  • Fluency in common CTI research and data analysis platforms/tools such as the ELK Stack (ElasticSearch, Kibana), Maltego, Shodan, DomainTools, or other similar tools/datasets
  • In-depth understanding of TCP/IP and other networking protocols and network traffic analysis techniques
  • Detailed understanding of existing Russian APT groups - past activities, TTPs, motivations, etc.
  • Experience working directly with clients
  • Excellent written and verbal communication; ability to convey complex technical and non-technical concepts in both written and verbal formats
  • Excellent interpersonal and teamwork skills; ability to work with globally distributed team members

Highly Desirable Skills/Experience (not required):

  • MA/MS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field
  • Scripting capabilities (Python preferred)
  • Experience writing network and endpoint signature detections using SNORT, YARA, SIGMA, etc.
  • Experience with Windows, iOS, Android, or MacOS malware analysis
  • Experience with business risk analysis / communicating business risks to executives
  • Proficiency in Russian and/or Ukrainian
  • Geopolitical knowledge of the Eastern Europe writ large and Russia specifically

Why should you join Recorded Future?
Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.8-star user rating from Gartner and 8 of the top 10 Fortune 100 companies as clients.

Want more info?
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.