Threat Intelligence Analyst
With 1,000 employees, over $250M in sales, 1,500+ clients, and rapid year-over-year growth, Recorded Future is the world’s most advanced, and largest, intelligence company!
This Role: As a threat researcher for Insikt Group’s Strategic and Persistent Threats team, you will contribute to APT campaign tracking initiatives and support our Analyst on Demand service. This role supports both client-driven finished intelligence reports on cyber espionage-related topics and internally driven research and monitoring efforts into threat actor infrastructure, tools, and TTPs. Your research will be focused on state-sponsored cyber threats emanating from Russia.
What You’ll Do as Threat Intelligence Analyst:
- Synthesize multiple technical datasets to derive novel insights and reporting related to Russian state-sponsored APT activity;
- Establish methods of tracking APT campaigns using a combination of network, intrusion, and malware analysis skills;
- Hunt for threat actor activity in multiple technical datasets;
- Support the fulfillment of client priority intelligence requirements via Recorded Future’s Analyst on Demand service;
- Serve as a subject matter expert on Russian state-sponsored threat activity to customers and/or the public via media engagements;
- Drive prioritization, development, and deployment of network signatures to detect activity from malware families of interest;
- Stay on top of developments within the APT threat landscape by following publications, blogs, and industry trust groups.
What You’ll Bring as the Threat Intelligence Analyst (Required):
- BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field
- 3+ years of experience in Information Security and/or Threat Intelligence
- Experience conducting technical threat analysis and research
- Knowledge of structured analytical techniques, the intelligence cycle, and intelligence writing techniques and methodologies
- Familiarity with common CTI research and data analysis platforms/tools such as the ELK Stack (Elasticsearch, Kibana), Maltego, Shodan, DomainTools, or other similar tools/datasets
- Knowledge of TCP/IP and other networking protocols and network traffic analysis techniques
- Knowledge of existing Russian APT groups - past activities, TTPs, motivations, etc.
- Experience working directly with clients
- Strong written and verbal communication skills; ability to convey complex technical and non-technical concepts
- Excellent interpersonal and teamwork skills; ability to work with globally distributed team members
Highly Desirable Skills/Experience (not required):
- MA/MS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field
- Scripting capabilities (Python preferred)
- Experience writing network and endpoint signature detections using SNORT, YARA, SIGMA, etc.
- Experience with Windows, iOS, Android, or macOS malware analysis
- Proficiency in Russian and/or Ukrainian
- Geopolitical knowledge of Eastern Europe writ large and Russia specifically
Why should you join Recorded Future?
Recorded Future employees (or “Futurists”) represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.8-star user rating from Gartner and 8 of the top 10 Fortune 100 companies as clients.
Want more info?
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements
Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.
Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.