Senior Threat Intelligence Analyst

Summary

Join Huntress, a fully remote global cybersecurity team, as a Threat Intelligence Analyst. You will conduct research on emerging adversary tactics, aggregate threat data for customer reports and marketing, and promote Huntress's reputation through public speaking and blogging. Collaborate with various teams to enhance product features and contribute to a unified technical vision. This role requires 5+ years of cybersecurity threat intelligence experience, cloud and identity security experience, and proficiency with SIEM tools. Huntress offers a competitive salary, comprehensive benefits, generous PTO, parental leave, and professional development opportunities.

Requirements

• 5+ years of cyber security threat intel experience
• 2+ years of cloud security experience
• 2+ years of identity security experience
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering and detection logic i.e. Sigma Rules
• Experience researching and scoping threat hunt missions
• Proficient knowledge of cloud attacks (Azure and/or Google) and how to detect them
• Proof of Concept (POC) development
• Comfortable reading API documentation for SaaS applications and programming languages
• Understanding of cyber security, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd party intelligence tools, feeds, and reputation services
• Experience conducting OSINT gathering and analysis
• Excellent written and verbal communication skills

Responsibilities

• Conduct research on emerging adversary tradecraft to help find patterns of attacks
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Director of Adversary Tactics, the Security Operations Center, Product, and Marketing for various deliverables
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Investigate identity compromise, initial access + authentication logins, and subsequent access to understand, document, and combat attacker behavior
• Test exploitation of vulnerabilities, misconfigurations, and attack paths that result in developing reliable and weaponized Proof-of-Concept (PoC) exploits for identified vulnerabilities
• Stay current with emerging threats and vulnerabilities
• Document research findings through technical write-ups, advisories, internal reports, and blogs
• Partner with Detection Engineering, SOC, Hunt, Product Research & Marketing teams
• Own & nurture the cross-department relationships critical to successful product delivery & launch
• Eagerness to engage, report, and be accountable to executive stakeholders
• Passion to translate your expertise in nontechnical ways to deliver impactful security outcomes that protect the 99%
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Educate the public on how to be security savvy in novel and fun ways

Preferred Qualifications

• Identity Access Management (IAM) Engineer experience
• Experience with identity and access management (IAM) concepts and tools
• Experienced Cyber Network Operator, Computer Network Operator, Cyber Technical Operator Targeter, or other similar career field experience
• Incident responder in Azure or Google environment incident experience
• Passion for MSP community
• Security conference presenter experience
• Security community educator & advocate experience
• Foundational development experience across multiple platforms (e.g., SaaS, Windows, and/or macOS), C/C++, GoLang, and Python
• Experience with conducting searches and creating visualizations in Elastic and Kibana
• Innovator builder mindset – you are not afraid to build in the open and share the ugly early versions of your work using feedback to iterate your research & learning
• Security conference presenters and community educators

Benefits

• 100% remote work environment
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth