Principal Intelligence Analyst

Halcyon
Summary
Join Halcyon, a leading cybersecurity firm, as a Principal Intel Analyst and contribute to our mission of making ransomware history. You will be responsible for researching and analyzing pre-crime activity to mitigate ransomware attacks. This role requires expertise in financially-motivated cybercrime, the underground economy, and threat actor tracking. You will produce actionable research reports, collaborate with the pre-crime team, and respond to client inquiries. Halcyon offers a remote-native work environment and a comprehensive benefits package, including full healthcare coverage, a 401k plan, disability and life insurance, flexible PTO, parental leave, and a generous equity offering. The ideal candidate possesses extensive experience in cyber threat intelligence and a deep understanding of the cybercrime ecosystem.
Requirements
- 5+ years of experience working in a cyber threat intelligence, cybercrime investigative/analytical, financial fraud analysis, or similar setting
- Ability to demonstrate subject matter expertise in financially-motivated cybercrime threats and the underground economy ecosystem (e.g., cybercrime forums, marketplaces, enabling services, dump shops, etc.)
- Strong understanding of cybercrime threat actors and their tactics, techniques and procedures in the underground economy ecosystem
- Existing access to the underground economy ecosystem with credible and active personas
- Familiarity with the technical aspects of malware, botnets, ransomware, and other malicious tools
- Exposure to the intelligence cycle in a law enforcement, military, security service, cyber threat intelligence team, or similar setting, ideally on a global level
- Experience with link-analysis methodologies and tools (e.g., Maltego or Analyst's Notebook)
- Good Open Source Intelligence (OSINT) gathering skills
- Equally capable of working independently or in a team environment
- Excellent written and verbal skills; fluency in English is required
Responsibilities
- Identify, research, coordinate, and produce research reports centered around financially-motivated cybercrime threat actors observed in underground forums and marketplaces that are actionable by Halcyon's pre-crime team
- Work independently and within the team to identify new and creative opportunities to research and convey valuable pre-crime assessments to clients
- Synchronize and prioritize research targets with the Halcyon pre-crime team to optimize and satisfy clients' Priority Intelligence Requirements (PIR)
- Answer specific Requests for Information (RFI) from clients regarding threats or concerns
- Help design new and innovative processes and programs to build efficiencies and scalability as the company continues to grow
Preferred Qualifications
- Proven experience as a team leader, particularly in an intelligence analysis role
- Experience as a penetration tester or other offensive security professional
- Experience as an incident responder with examples of cases handled and their outcomes
- Coding skills in Python with examples of projects and contributions to past successes
- Russian language writing and reading skills, including fluency with relevant slang terms
Benefits
- Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents
- 401k plan with a generous employer contribution
- Short and long-term disability coverage, basic life and AD&D insurance plans
- Medical and dependent care FSA options
- Flexible PTO policy
- Parental leave
- Generous equity offering