
Threat Intelligence Analyst
Recorded Future
full-time
Location Type: Remote
Location: Australia
About the role
- Produce and review finished intelligence reports that address clients’ priority intelligence requirements across a broad range of cyber threat activity topics
- Research indicators of threat activity in the form of netflow / networking data, website / domain / IP infrastructure, security tooling logs, and email metadata
- Engage with clients across report lifecycle: initial scoping, finished intelligence delivery, and follow-up review / support
- Develop novel, automated, or simpler processes for research and analysis
- Work on projects across multiple research teams with sometimes tight deadlines
Requirements
- 2+ years of experience as a threat intelligence analyst or in a similar position
- BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field
- Strong understanding of TCP/IP, DNS, HTTP/S, SMTP, and common application-layer protocols
- Ability to analyze netflow data (e.g., source/destination IPs, ports, protocols, volumes, timing)
- Familiarity with routing, ASNs, CIDR, and IP ownership (WHOIS, RIRs)
- Experience investigating malicious domains, URLs, and IP addresses
- Familiarity with attacker infrastructure patterns (e.g., fast-flux, bulletproof hosting, VPS abuse, CDNs, domain generation algorithms)
- Ability to pivot across infrastructure artifacts to identify related activity
- Understanding of email headers and metadata (SPF, DKIM, DMARC, Message-ID, Received headers)
- Experience analyzing phishing, spoofing, and campaign-level email infrastructure
- Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain
- Familiarity with and use of common cyber threat intelligence tools such as DomainTools, VirusTotal, SHODAN, etc.
- Ability to understand and analyze malicious scripts or artifacts written in common scripting languages such as Python, JavaScript, XML, etc.
- Demonstrable experience researching and analyzing cyber threats across either a) multiple industries or b) multiple timeframes, including but not limited to finance, manufacturing, IT services, healthcare, and public sector.
- Managing client expectations based on pre-established scope of work and delivery timeframe
- Ability to convey complex technical and non-technical concepts with intent of delivering value to each client
- Excellent writing skills are mandatory, to be assessed via a writing sample.
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
threat intelligence analysis, netflow data analysis, TCP/IP, DNS, HTTP/S, SMTP, malicious domain investigation, email metadata analysis, scripting languages, cyber threat intelligence models
Soft skills
client engagement, process development, analytical thinking, communication, writing skills, time management, expectation management, collaboration, problem-solving, adaptability