Role Summary
As a Threat Intelligence Analyst supporting our Managed Detection & Response (MDR) Team, you will leverage your experience, skills, and cybersecurity knowledge of the threat actor landscape to convert threat data into actionable intelligence that ultimately better protects our customers from evolving threats. A primary focus of this role will be to analyze and enrich Sophos case data, internal intelligence, and OSINT to better track and defend against active campaigns. This position can be worked remotely in the United States or Canada.
What You Will Do
- Execute strategic and tactical operations focused on developing, applying, and communicating a deep understanding of cyber threat actors, campaigns and nation-state-level threats
- Assess the capabilities of threat actors and identify new methods for tracking and identification of new activity through Open Source and Private Source intelligence feeds
- Translate actor TTPs into actionable insights that drive continuous product improvements
- Perform open-source intelligence (OSINT) collection and analysis, identifying relevant indications of cyber threats, malicious code, malicious websites, and vulnerabilities
- Continuously improve and optimize threat intelligence processes, tools, and methodologies to enhance the team's ability to detect and respond to emerging threats, and proactively identify opportunities for automation and efficiency gains
What You Will Bring
- 2+ years of professional experience as a Cyber Threat Intelligence Analyst or in a similar incident response role with an intelligence component
- Experience leveraging MITRE ATT&CK categorization to align observed threat actor activity to Tactics, Techniques, and Procedures (TTPs)
- Experience investigating eCrime campaigns and producing actionable intelligence for both tactical and strategic consumption
- Knowledge of the Intelligence Lifecycle and Diamond Model of Intrusion Analysis
- Ability to communicate effectively, both in writing and verbally, to deliver briefings to varied audiences of technical, operational, and senior client staff
- Familiarity with Python, Jupyter notebooks, SQL, regex, and YARA
- Flexibility to rapidly pivot priorities based on emerging threats
Desirable Skills
- Experience turning intelligence requirements into both internal and customer-facing work products
- Experience working directly with Threat Intelligence Platforms (TIPs)
- Experience tracking both eCrime and State Sponsored threat groups
- Cybersecurity certifications (preferred)
- BA or BS degree (preferred)
In the United States, the base salary for this role ranges from $94,000 to $156,000. In addition to base salary, we offer additional compensation including bonus eligibility and a comprehensive benefits package. A candidate’s specific pay within this range will depend on a variety of factors, including job-related skills, training, location, experience, relevant education, certifications, and other business and organizational needs.