Threat Intelligence Analyst
We are looking for an investigative Threat Intelligence Analyst to join our Cybersecurity team. You will be responsible for identifying, evaluating, and communicating threats to our organization. Your primary mission is to turn the "noise" of the global threat landscape into clear, actionable intelligence that our Security Operations Center (SOC) and leadership can use to protect our customers. You will also be instrumental in the building and development of our threat intelligence program, collaborating with various security functions, and proactively identifying and helping to mitigate risks.
Core Responsibilities
The Intelligence Cycle: Support all phases of the intelligence lifecycle (planning, collection, analysis, production, and dissemination) under the guidance of senior analysts.
Adversary Research: Research known threat actors and groups, mapping observed Tactics, Techniques, and Procedures (TTPs) to the MITRE ATT&CK framework to help identify potential gaps in current defenses.
Threat Landscape Monitoring: Monitor open sources, industry feeds, and relevant forums to contribute to "big picture" reporting on how the threat environment is evolving.
Tactical Support: Collect and help validate technical Indicators of Compromise (IOCs) from malware reports and OSINT sources to support blocklist hygiene and reduce noise.
Threat Intelligence Collection: Proactively research and collect threat intelligence from open-source intelligence (OSINT), commercial feeds, and internal security data.
Reporting: Assist in producing written reports, including Flash Alerts for urgent threats and contributions to monthly blogs or executive summaries.
Vulnerability Intelligence: Monitor vulnerability disclosures and exploit trends, surfacing relevant findings for review and escalation.
Cross-Functional Collaboration: Work alongside technical teams (e.g., Incident Response, SOC) and help communicate threat findings to non-technical stakeholders in plain language.
Required Qualifications
Experience: 24 years of experience in cybersecurity, with at least 12 years in a threat intelligence, SOC, or closely related role.
Knowledge: Working familiarity with the Intelligence Cycle and common threat frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain, Pyramid of Pain).
Research Skills: Hands-on experience with OSINT tools and techniques (e.g., Shodan, VirusTotal, WHOIS).
Communication: Strong writing skills with the ability to summarize threats in a clear, business-relevant way.
Analytical Mindset: Awareness of structured analytic techniques and a commitment to objective, evidence-based assessments.
Technical Skills & Tools
TIP: Exposure to or willingness to learn Threat Intelligence Platforms (e.g., ThreatConnect, OpenCTI).
SIEM: Basic familiarity with SIEM systems and log-based investigation.
Standard Formats: Awareness of STIX/TAXII protocols for threat intelligence sharing.
Malware Literacy: Ability to read a sandbox report and extract basic indicators such as C2 infrastructure.
Scripting: Exposure to Python or similar scripting for basic data tasks is a plus.
The Ideal Candidate
Holds or is actively pursuing a relevant certification (e.g., CompTIA Security+, BTL1, or working toward GCTI).
Curious by nature: you don't just flag a malicious IP, you want to understand who is behind it and why.
Follows security researchers and threat intel communities online to stay current on emerging threats and zero-day disclosures.
Stays composed and methodical when supporting the team during active security incidents.
Eager to grow into deeper adversary profiling, dark web research, and advanced analytic tradecraft over time.