Summary
Join Anomali's growing Intelligence team as a Senior Threat Intel Researcher. Lead efforts to track, analyze, and classify data from cybercriminal underground ecosystems. Uncover actionable threat intelligence to support Anomali's product evolution. This research-focused role requires deep cyber threat intelligence experience and independent work in a fast-paced environment. You will collaborate with internal teams to integrate findings into cutting-edge security solutions. The ideal candidate is technically proficient and highly motivated.
Requirements
- Hold a Bachelor's degree in Cybersecurity, Computer Science, Data Science, Intelligence Studies, or a relevant field, or have an additional 3 years of relevant work experience in lieu of a degree
- Have 4+ years of professional experience in cyber threat intelligence, open-source intelligence, or information security
- Demonstrate the proven ability to design, implement, and interact with RESTful and other API types for data retrieval and integration
- Possess a deep understanding of technical terminology, tools, and tactics used by state-backed and cybercriminal adversaries
- Have experience navigating and analyzing large, unstructured datasets
- Possess comprehensive knowledge of operational security (OPSEC) principles and best practices
- Demonstrate the ability to work collaboratively in a remote team environment across different time zones
- Must not now, or in the future, require visa sponsorship to work in the US
Responsibilities
- Conduct proactive investigations into cybercriminal underground economies, hidden sites, and forums of interest to identify emerging threats
- Identify emerging operations and trends by conducting extensive research into cyber, physical, and information-related threat activity. Provide actionable communications, countermeasures, and recommendations for decision-makers with minimal oversight
- Use a Threat Intelligence Platform (TIP) to collect, organize, correlate, and analyze cyber threat data from various sources to extract relevant and timely indicators for near real-time sharing
- Implement data analysis practices to assess trends and patterns in cyber, physical, and information operations networks, aiding in the determination of potential and expected impacts
- Conduct in-depth analysis of malicious and suspicious code to understand the nature of threats and extract unique attributes for proactive defense
- Identify, monitor, track, and catalog threat actors, their ideologies, and tactics by leveraging commercial and open-source intelligence collection tools
- Generate briefing materials, written products, and simple graphics to convey analysis verbally and in writing to key stakeholders
- Lead the acquisition, monitoring, and analysis of raw data, turning unstructured information into actionable intelligence
- Design, implement, and maintain tools and services for secure data collection, extraction, and analysis
- Apply and refine secure operational tradecraft principles to ensure the integrity of research operations
- Work with cross-functional teams, including Intelligence, Product, and Engineering, to integrate research findings into Anomali's platform
- Develop and utilize APIs for system integration and advanced data retrieval to enhance Anomali's intelligence capabilities
Preferred Qualifications
- Have additional language expertise (e.g., Russian, Mandarin, Spanish, Farsi, Arabic, Japanese, French)
- Have a background in the intelligence community or cyber threat intelligence research
- Demonstrate engagement in the security or academic research communities, or open-source software development
- Have formal intelligence analysis training
- Possess familiarity with building and deploying tools for internal use by research teams
- Have certifications in related areas (e.g., GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc.)
- Possess basic knowledge of programming/scripting languages (Python, Bash, Perl, C/C++, or JavaScript) and Structured Query Language (SQL)