Recorded Future

Senior Threat Intelligence Analyst – Rest of World APT Focus

full-time

Location: Massachusetts, Virginia • 🇺🇸 United States


Salary

💰 $127,000 - $160,000 per year

Job Level

Senior

Tech Stack

Android, Cyber Security, Go, iOS, Java, MacOS, Python, TCP/IP

About the role

  • As a Senior Threat Intelligence Analyst on Insikt Group’s Strategic and Persistent Threats (SPT) team, lead efforts to track state-sponsored APT campaigns, mentor peers in intrusion analysis, represent Insikt Group’s expertise externally, and support Recorded Future’s Analyst-on-Demand service.
  • Focus on state-sponsored cyber threats originating beyond the traditional “Big Four” (China, Russia, Iran, North Korea), emphasizing actors in Asia, Europe, the Middle East, and emerging strategic regions.
  • Conduct proactive research on state-sponsored APT activity by synthesizing multiple technical datasets to develop novel insights and high-quality reporting
  • Establish and refine methods to track APT campaigns using network, intrusion, and malware analysis
  • Hunt for threat actor infrastructure and activity across diverse technical data sources, leveraging banner data, service metadata, and related technical artifacts
  • Identify, prioritize, and deploy detection mechanisms for command-and-control infrastructure, malware families, and threat groups of interest
  • Continuously evaluate and improve threat intelligence workflows, identifying opportunities to enhance automation, efficiency, and analytic precision
  • Stay up to date on evolving APT tradecraft by regularly reviewing technical publications, blogs, and intelligence from trusted sharing communities
  • Mentor colleagues on intrusion analysis tradecraft and threat intelligence best practices, fostering a culture of knowledge sharing and continuous development
  • Collaborate with geopolitical and regional analysis teams to support cross-functional research
  • Propose and evaluate new data sources and analytical methods to enhance or automate the intelligence cycle
  • Represent Insikt Group externally as a subject matter expert through customer briefings, media engagements, or public research dissemination
  • Collaborate with engineering and data science teams to ensure effective integration of relevant data and analytics into the Recorded Future platform
  • Support customer intelligence needs through Recorded Future’s Analyst-on-Demand service

Requirements

  • BA/BS or equivalent experience in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field
  • Preferably 5+ years of experience in Information Security and/or Threat Intelligence
  • Demonstrated experience conducting technical threat analysis and research
  • In-depth knowledge of TCP/IP and other networking protocols and datasets relevant to intrusion and network infrastructure analysis
  • Demonstrated capability in identifying and tracking infrastructure through methods such as banner analysis and metadata correlation
  • Experience with static and dynamic malware analysis, including family attribution and variant clustering
  • Proficiency in scripting (Python preferred, or Go, C, C++, Java) and fluency with common CTI research tools such as Maltego, Jupyter Notebook, the Elastic Stack, and similar tools
  • Proven experience applying structured analytical techniques and intelligence methodologies to assess state-sponsored threat activity, including the intelligence cycle, intelligence writing best practices, and frameworks such as the Diamond Model
  • Familiarity with threat modeling and adversary tracking frameworks such as MITRE ATT&CK, the Cyber Kill Chain, and related models to support campaign clustering, detection development, and strategic reporting
  • Detailed understanding of existing APT groups’ past activities, TTPs, motivations, and targeting patterns
  • Experience with open-source intelligence-gathering tools and techniques
  • Experience working directly with customers, with strong written and verbal communication skills to clearly convey complex technical and non-technical concepts
  • Strong interpersonal and teamwork skills, including working with globally distributed team members
  • MA/MS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field (preferred)
  • Experience writing network and endpoint detection signatures (preferred)
  • Experience with Windows, iOS, Android, macOS, or malware analysis (preferred)
  • Proficiency in a high-priority foreign language, with preference for Arabic, Chinese, Farsi, Korean, Portuguese, Russian, or Spanish (preferred)