Senior Information Security Analyst, AI
Invoca
CloudSDLC
Senior Threat Intelligence Analyst, Cybercrime
Recorded Future
full-time
Posted on:
Location Type: Remote
Location: Remote • District of Columbia, Florida, Massachusetts, Washington • 🇺🇸 United States
Visit company websiteJob Level
Senior
Tech Stack
Cyber Security
About the role
- Research, track, and author finished intelligence reports on cybercriminal threat actors, tools, source types, TTPs, and campaigns associated with LATAM.
- Identify and publish proactive Threat Leads on new and emerging threats, cybercriminal activities, and campaigns.
- Drive sourcing, collecting, and curating new data into the Recorded Future Platform, specifically criminal source types communicating in Spanish and Portuguese.
- Create and maintain access to underground sources of relevance.
- Propose and oversee proactive reporting topics on cybercriminal-related Tactics, Techniques, and Procedures (TTPs) and trends for customer and public consumption.
- Research and analyze dark web/underground sources such as forums, shops, marketplaces, and secure communication channels, with a focus on Latin America (LATAM).
- Help identify sources, maintain persistence on those sources, and interact with threat actors to obtain information not publicly available.
- Respond to requests from Recorded Future colleagues and customers related to cybercriminal activities.
- Cross-collaborate with other teams in Insikt Group on larger research projects and customer requests.
- Support a variety of products, services, and initiatives for both internal stakeholders and customers as part of the Advanced Cybercrime and Engagement team.
Requirements
- Knowledge and experience with analytic tradecraft, the intelligence cycle, open-source intelligence gathering techniques, and strong intelligence writing skills, techniques, and methodologies.
- 5+ years of professional experience in roles in cyber intelligence, cybersecurity more broadly, cyber investigations, or other related disciplines.
- Demonstrated experience operating on dark web sources (forums, marketplaces, and shops) and other mediums of communication.
- Experience in engaging with cybercriminals and participating in covert operations.
- Knowledge of the structure and trends within the cybercriminal economy and landscape in LATAM: common communications vectors, source locations, operational security considerations, and more.
- Experience with handling or transacting in cryptocurrencies.
- Knowledge of and ability to conduct blockchain and cryptocurrency investigations.
- Knowledge of money laundering, fraud, and current cybercrime TTPs.
- Ability to work collaboratively with others in a globally distributed environment.
- Foreign language fluency or professional proficiency in Spanish and Portuguese.
- BA/BS or MA/MS degree or equivalent experience in Computer Science, International Relations, Security Studies, Regional Studies, Criminology, or a related discipline.
- Knowledge or understanding of the links and relationships between cybercriminal, hacktivist, extremist, and state-sponsored operations and organizations.
- Technical knowledge of malware trends impacting entities located in LATAM.
- Practical experience integrating or leveraging LLMs (For example, GPT, Claude, Gemini) in real-world applications, tools, or workflows to develop efficiencies in intelligence analysis.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cyber intelligencecybersecurityanalytic tradecraftopen-source intelligence gatheringintelligence writingdark web analysiscryptocurrency investigationsmoney launderingfraud detectionmalware trends
Soft skills
collaborationcommunicationresearchanalysisproblem-solvingadaptabilityinterpersonal skillsleadershipcreativitycritical thinking
