Senior Threat Intelligence Analyst

Recenso

Abu Dhabi

On-site

AED 300,000 - 400,000

Full time

Yesterday

Job summary

A cybersecurity firm in Abu Dhabi is seeking a Senior Threat Intelligence Analyst to shape and operationalize intelligence for its Cyber Threat Intelligence platform. The role requires 7-10 years of experience in cybersecurity and the analytical skills to monitor, analyze, and report on cyber threats. Candidates should have a strong background in APT monitoring and threat analysis, along with reporting and collaboration skills. This position is crucial for enhancing the company's threat intelligence services.

Qualifications

  • 7–10 years in cybersecurity, with at least 5 years in threat intelligence roles.
  • Proficient in analyzing adversary TTPs and creating intelligence reports.
  • Hands-on experience with dark web research and malware-related investigations.

Responsibilities

  • Track and profile Advanced Persistent Threats globally.
  • Analyze TTPs mapped to the MITRE ATT&CK framework.
  • Produce intelligence reports tailored to sectors.

Skills

Threat Landscape Monitoring
Adversary Profiling & Attribution
Platform Intelligence Contribution
Reporting & Dissemination
Collaboration & Support

Tools

Threat Intelligence Platforms (MISP, Anomali)
SIEM/SOAR integration (Splunk, Sentinel)
Data visualization tools (Kibana, Maltego)

Job description

The Senior Threat Intelligence Analyst will play a critical role in shaping, enriching, and operationalizing intelligence for the proprietary Cyber Threat Intelligence platform. This role demands a mix of technical expertise, analytical acumen, and geopolitical awareness to track adversary activity, translate raw data into actionable insights, and support both bespoke client engagements and the broader service offering. The analyst will also collaborate with engineering, AI/ML teams, and threat researchers to ensure intelligence outputs are relevant, high fidelity, and operationally impactful.

Requirements
  • Threat Landscape Monitoring
    • Track and profile Advanced Persistent Threats (APTs), cybercrime groups, and hacktivist operations globally.
    • Monitor open-source intelligence (OSINT), dark web, and closed forums for emerging threats.
  • Adversary Profiling & Attribution
    • Analyze TTPs mapped to MITRE ATT&CK, Diamond Model, and kill chain frameworks.
    • Build and maintain adversary playbooks and actor profiles within the CTI platform.
  • Platform Intelligence Contribution
    • Work with data engineers and AI/ML specialists to validate models for clustering and detection.
    • Contribute to enrichment logic, correlation rules, and threat scoring engines.
  • Reporting & Dissemination
    • Produce strategic, operational, and tactical intelligence reports for stakeholders.
    • Create client‑ready advisories, threat digests, and briefings tailored to sectors (FSI, Gov, Energy, etc.).
  • Collaboration & Support
    • Liaise with incident response, SOC, and threat hunting teams to operationalize CTI outputs.
    • Provide expert input during red teaming exercises and platform testing.

Desired Skills
  • Technical Expertise
    • Strong knowledge of APT campaigns, cybercrime ecosystems, and underground economies.
    • Proficiency in analyzing malware indicators (hashes, C2s, domains, YARA rules).
    • Familiarity with CTI standards: STIX/TAXII, MISP, OpenIOC, Sigma.
    • Understanding of reverse engineering outputs and malware sandboxing.
  • Analytical & Research
    • Ability to transform raw technical indicators into strategic intelligence narratives.
    • Experience with geopolitical/cyber conflict dynamics and their impact on cyber threats.
    • Dark web research and HUMINT/OSINT collection skills.
  • Tooling & Platforms
    • Hands‑on with Threat Intelligence Platforms (MISP, Anomali, ThreatConnect, Recorded Future, etc.).
    • Familiarity with SIEM/SOAR integration (Splunk, Sentinel, QRadar).
    • Experience in data visualization & reporting tools (Kibana, Maltego, Power BI).
  • Soft Skills
    • Strong written and verbal communication (executive‑friendly reporting).
    • Ability to mentor junior analysts and contribute to capability building.
    • Comfortable working in cross‑functional teams (AI/ML, engineering, red team).

Experience Required
  • 7–10 years in cybersecurity, with at least 5 years in threat intelligence roles.
  • Track record of analyzing adversary TTPs and creating intelligence reports.
  • Experience supporting CTI services for enterprises or government clients.
  • Hands‑on experience with dark web research, APT monitoring, and malware‑related investigations.
  • Exposure to building or operationalizing CTI platforms is a strong plus.
  • Certifications desirable: GCTI (SANS), GREM, CEH, OSINT‑specific certs, CISSP (optional but valued).