Senior Threat Intelligence Researcher


Anomali

๐Ÿ“Remote - United States

Summary

Join Anomali's growing Intelligence team as a Senior Threat Intel Researcher. Lead efforts to track, analyze, and classify data from cybercriminal underground ecosystems. Uncover actionable threat intelligence to support Anomali's product evolution. This research-focused role requires deep cyber threat intelligence experience and independent work in a fast-paced environment. You will collaborate with internal teams to integrate findings into cutting-edge security solutions. The ideal candidate is technically proficient and highly motivated.

Requirements

  • Obtain a Bachelor's degree or have an additional 3 years of experience in Cybersecurity, Computer Science, Data Science, Intelligence Studies, or relevant work, in lieu of degree
  • Have 4+ years of professional experience in cyber threat intelligence, open-source intelligence, or information security
  • Demonstrate the proven ability to design, implement, and interact with RESTful and other API types for data retrieval and integration
  • Possess a deep understanding of technical terminology, tools, and tactics used by state-backed and cybercriminal adversaries
  • Have experience navigating and analyzing large, unstructured datasets
  • Possess comprehensive knowledge of operational security (OPSEC) principles and best practices
  • Demonstrate the ability to work collaboratively in a remote team environment across different time zones
  • Must not now, or in the future, require visa sponsorship to work in the US

Responsibilities

  • Conduct proactive investigations into cybercriminal underground economies, hidden sites, and forums of interest to identify emerging threats
  • Identify emerging operations and trends by conducting extensive research into cyber, physical, and information-related threat activity. Provide actionable communications, countermeasures, and recommendations for decision-makers with minimal oversight
  • Use a Threat Intelligence Platform (TIP) to collect, organize, correlate, and analyze cyber threat data from various sources to extract relevant and timely indicators for near real-time sharing
  • Implement data analysis practices to assess trends and patterns in cyber, physical, and information operations networks, aiding in the determination of potential and expected impacts
  • Conduct in-depth analysis of malicious and suspicious code to understand the nature of threats and extract unique attributes for proactive defense
  • Identify, monitor, track, and catalog threat actors, their ideologies, and tactics by leveraging commercial and open-source intelligence collection tools
  • Generate briefing materials, written products, and simple graphics to convey analysis verbally and in writing to key stakeholders
  • Lead the acquisition, monitoring, and analysis of raw data, turning unstructured information into actionable intelligence
  • Design, implement, and maintain tools and services for secure data collection, extraction, and analysis
  • Apply and refine secure operational tradecraft principles to ensure the integrity of research operations
  • Work with cross-functional teams, including Intelligence, Product, and Engineering, to integrate research findings into Anomali's platform
  • Develop and utilize APIs for system integration and advanced data retrieval to enhance Anomali's intelligence capabilities

Preferred Qualifications

  • Have additional language expertise (e.g., Russian, Mandarin, Spanish, Farsi, Arabic, Japanese, French)
  • Have a background in the intelligence community or cyber threat intelligence research
  • Demonstrate engagement in the security or academic research communities, or open-source software development
  • Have formal intelligence analysis training
  • Possess familiarity with building and deploying tools for internal use by research teams
  • Have certifications in related areas (e.g., GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc.)
  • Possess basic knowledge of programming/scripting languages (Python, Bash, Perl, C/C++, or JavaScript) and Structured Query Language (SQL)