Enable job alerts via email!

Senior Analyst, Threat Intelligence

Deepwatch

San Francisco (CA)

Hybrid

USD 149,000 - 161,000

Full time

10 days ago

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

Deepwatch seeks a Senior Analyst, Threat Intelligence to enhance its cybersecurity operations. The role involves analyzing vast amounts of cyber threat data and producing actionable insights, contributing significantly to threat detection and response. Ideal candidates will have extensive experience with threat intelligence platforms and be skilled in analytical reporting.

Benefits

Medical, dental, and vision insurance
Flexible Time Off (FTO)
401(K) retirement program with employer match
Annual professional development benefit

Qualifications

  • Experience managing a Threat Intelligence Platform with OpenCTI proficiency.
  • Proficient in using Threat Intelligence Platforms (TIPs).
  • Deep understanding of threat actors' motivations and technical writing skills.

Responsibilities

  • Analyze and disseminate cyber threat intelligence.
  • Produce high-quality reports for stakeholders.
  • Provide intelligence-driven support to Security Operations Center.

Skills

Analytic skills
Digital forensics
Communication
Scripting

Education

Industry Recognized Certifications
Bachelor's Degree in Cybersecurity

Tools

Threat Intelligence Platforms
OpenCTI
SIEM tools

Job description

Join to apply for the Senior Analyst, Threat Intelligence role at Deepwatch

1 day ago Be among the first 25 applicants

Join to apply for the Senior Analyst, Threat Intelligence role at Deepwatch

Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!

Who We Are

Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.

Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.

Deepwatch recognition includes:

  • 2025, 2024, 2023, 2022 and 2021 Great Place to Work Certified
  • 2024 Military Times Best for Vets Employers
  • 2024 US Department of Labor Hire Vets Gold Award
  • 2024 Forbes' America's Best Startup Employers
  • 2024 Cyber Defense Magazine, Global Infosec Awards
  • 2023 and 2022 Fortress Cybersecurity Award
  • 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners
  • 2022 Cybersecurity Excellence Award for MDR

Senior Analyst, Threat Intelligence

This job is hybrid and candidates must be available available to work in one of our COE locations: Tampa, FL; Denver, CO; DC metro area, SF Bay Area, or Austin, TX.

As a Senior Threat Intelligence Analyst, you will be instrumental in collecting, analyzing, and disseminating cyber threat intelligence that directly informs and enhances our security awareness, detection, response, and defensive capabilities. You’ll leverage your expertise to process large volumes of cyber threat data, conduct deep-dive analysis, and produce high-quality reports for internal and external stakeholders.

This role requires a keen eye for detail, strong analytic tradecraft, and excellent communication skills. You’ll play a key role in shaping intelligence-driven security operations while supporting the broader threat intelligence needs of our clients and internal teams.

In this role, you’ll get to:

  • Assist in threat research for context to indicators
  • Assist in threat hunting, response, and detection program development and maturity
  • Monitor and evaluate publicly available sources, selecting and reviewing cyber threat reporting for relevance and actionability.
  • Process selected cyber threat reporting for structured ingestion into OpenCTI, ensuring accurate tagging and classification for enhanced data correlation and searchability.
  • Analyze processed threat intelligence, correlating and synthesizing findings with other internal and external sources to create a comprehensive threat picture.
  • Produce brief, high-impact summaries highlighting essential facts for internal sharing, as well as more detailed formal reports that include key facts, technical details, threat actor profiling, victimology, attack chains, and TTPs.
  • Conduct triage analysis of indicators and results, escalating relevant findings and supporting alert generation.
  • Recommend mitigation measures based on technical analysis and threat assessments to reduce client risk exposure.
  • Identify and map key elements from intelligence reports to STIX threat objects for easy consumption by stakeholders and ingestion into the Threat Intelligence Platform.
  • Ingest finalized intelligence reports and supporting data into the Threat Intelligence Platform for knowledge management, correlation, hunting, and alerting, ensuring accessibility for internal teams and clients.
  • Collect, process, and analyze ransomware activity and data leak site listings, maintaining a comprehensive leak site database to track trends, generate reports, and inform clients.
  • Create charts, graphs, and tables to visualize threat actor activity and trends
  • Produce formal intelligence reports on ransomware and data leak trends and share findings with customers and, when appropriate, publicly.
  • Track additions to CISA’s Known Exploited Vulnerabilities (KEV) catalog, analyze vulnerabilities and exploitation activity, and provide tailored recommendations to clients.
  • Monitor and respond to threat intelligence request for information (RFIs)
  • Participate in incident event escalations by identifying and actioning leads for intelligence reporting.
  • Review and approve email notifications, blog posts, and other customer communications based on finalized threat intelligence reports.
  • Provide intelligence-driven support to Security Operations Center, Threat Hunting, Incident Response, and Vulnerability Management teams.
  • Brief internal teams, clients, and executive stakeholders on emerging threats, relevant threat actors, and mitigation strategies.
  • Mentor junior analysts and contribute to the development of Cyber Threat Intelligence team tradecraft and processes.

To be successful in this role, you’ll need to:

  • Have experience managing a Threat Intelligence Platform with OpenCTI proficiency.
  • Be skilled in digital forensics and incident response (full packet capture, host/network, email)
  • Demonstrate strong analytic skills in processing, correlating, and synthesizing multiple sources of intelligence to produce actionable reports.
  • Possess SIEM experience or related/equal experience
  • Position and discuss security issues with customer technical and leadership audiences to reach positive outcomes
  • Demonstrate technical writing skills for customer or executive audiences
  • Demonstrate proficiency in English; additional languages are a plus.
  • Possess a deep understanding of threat actors, their motivations, TTPs (aligned to MITRE ATT&CK), and how they target industries and organizations.
  • Be proficient in using Threat Intelligence Platforms (TIPs), such as OpenCTI, and mapping intelligence data to STIX/TAXII frameworks.
  • Leverage Malware Analysis
  • Leverage Scripting experience
  • Have Industry Recognized Certifications
    • GIAC Cyber Threat Intelligence, Certified Cyber Intelligence Analyst
    • GIAC Reverse Engineering Malware
The anticipated salary range for this role is $149,000 to $161,000 + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.

ITAR Compliance

This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

  • A citizen of the U.S.;
  • A lawful permanent resident of the United States;
  • A person admitted to the United States as a refugee; or
  • A person that has been granted asylum by the United States government.

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

What We Offer:

Deepwatch is excited to provide benefits designed to support team members and their families. Including:

  • Medical, dental, vision, and disability insurance
  • Flexible Time Off (FTO), 9 company holidays, sick leave and 8-Weeks Paid Parental Leave
  • Unique professional development benefits, starting at $3,000 annually
  • Wellness contests and monthly educational programs
  • 401(K) retirement program with employer match
  • Learn more here: Deepwatch Benefits

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you. Please review our DEI Statement here.

Deepwatch welcomes and encourages applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process. Please inform your recruiter or contact recruiting@deepwatch.com for further information.

All Deepwatch employees are expected to:

  • Be interested in and able to work remotely from a home office when not at a corporate office
  • Pass a pre-employment background check in accordance with applicable laws

Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

By submitting your application, you agree that Deepwatch may collect your personal data for recruiting, global organization planning, and related purposes. The Deepwatch Privacy Policy explains what personal information we may process, where we may process your personal information, our purposes for processing your personal information, and the rights you can exercise over Deepwatch’s use of your personal information.

Seniority level
  • Seniority level
    Mid-Senior level
Employment type
  • Employment type
    Full-time
Job function
  • Job function
    Other, Information Technology, and Management
  • Industries
    Computer and Network Security

Referrals increase your chances of interviewing at Deepwatch by 2x

Sign in to set job alerts for “Intelligence Analyst” roles.
EPIC Clarity BI Analyst (100% REMOTE/NO C2C)

San Francisco, CA $80.00-$90.00 21 hours ago

Experienced or Credentialed Background Investigator - West Coast Region
Director of Enterprise Sales (Cyber Threat Intelligence Focus) - United States of America
Security Analyst / Contract / Onsite / San Francisco, CA

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Similar jobs

Demographic and Exposure Forecasting Analyst Senior – P&C Climate Risk and Exposure Analytics ([...]

USAA

Plano

Remote

USD 140,000 - 206,000

Today
Be an early applicant

Balance Sheet Management Senior Lead Analyst, Senior Vice President

Citi

Remote

USD 120,000 - 180,000

Today
Be an early applicant

Demographic and Exposure Forecasting Analyst Senior – P&C Climate Risk and Exposure Analytics ([...]

USAA

Phoenix

Remote

USD 100,000 - 206,000

Yesterday
Be an early applicant

Senior Analyst - Security Operations Center

Mondelēz International

Remote

USD 117,000 - 162,000

Yesterday
Be an early applicant

Demographic and Exposure Forecasting Analyst Senior – P&C Climate Risk and Exposure Analytics ([...]

United Services Automobile Association

San Antonio

Remote

USD 114,000 - 206,000

Yesterday
Be an early applicant

Sr Director - Analyst, Logistics Technologies

Gartner

Remote

USD 152,000 - 190,000

2 days ago
Be an early applicant

Sr Director - Analyst, Logistics Technologies

Davita Inc.

Michigan

Remote

USD 152,000 - 190,000

2 days ago
Be an early applicant

Sr Director - Analyst, Logistics Technologies

Davita Inc.

Remote

USD 152,000 - 190,000

2 days ago
Be an early applicant

Senior Software Engineer - Distributed Systems & File Sync

Air, Inc.

Remote

USD 160,000 - 264,000

2 days ago
Be an early applicant