Threat Intelligence Analyst (OSINT / Strategic Intelligence)
Location: Open to remote candidates aligned to MST/PST time zones Denver, CO preferred
Client: VDC
Note from client
"Strategic Threat Intelligence Analyst
We need to recalibrate on this role immediately.
The profiles coming through are too cyber engineering / SOC-heavy (SIEM, Splunk, IR, vulnerability management). That is NOT what the client is looking for.
We are NOT looking for:
SOC AnalystsCyber Security EngineersIncident Response / Threat Hunting profilesSIEM-heavy candidates (Splunk, QRadar, etc.)
We ARE looking for a true Threat Intelligence / OSINT-focused analyst.
Target profile:
Strong OSINT experience (open web, social media, forums, dark web, niche communities)Experience tracking cyber threat actors (behavior, narratives, infrastructure, attribution)Ability to take ambiguous inputs → structured intelligenceExperience producing intelligence reports / briefings (not just alerts or tickets)Exposure to geopolitical risk and/or supply chain intelligenceBackground in Threat Intelligence teams, NOT pure engineering or SOC
Keywords to prioritize:
Threat Intelligence AnalystOSINT AnalystIntelligence AnalystStrategic IntelligenceCyber Threat Intelligence (CTI)
Strong signals:
Recorded Future, Flashpoint, Intel471, Mandiant, etc.Mentions of actor tracking, investigations, analysis, reportingWork that connects external threats → business impact
Hard filter:
If the resume is more than 50% tools (Splunk, SIEM, EDR, vulnerability scanning), reject.
We need investigators, not operators.
"
look for analysts who have good knowledge of the APAC region for intel gathering, geopolitics, and analysis
β Fast-moving environment with high visibility and impact
Overview
We are seeking a highly capable Threat Intelligence Analyst with strong OSINT and
investigative tradecraft to support a global security and risk function.
This role is focused on execution and analysis, not strategy-setting. You will work closely with
senior leadership to investigate emerging threats, assess risk, and produce actionable
intelligence across cyber, physical, reputational, and geopolitical domains.
This is not a SOC or monitoring role. Success in this position requires the ability to
independently investigate ambiguous situations, identify meaningful signals in noisy
environments, and translate findings into clear, defensible intelligence.
What You’ll Do
β Conduct deep OSINT investigations across social media, forums, niche communities,
and open web sources
β Rapidly turn vague or evolving inputs into structured, high-confidence intelligence
assessments
β Identify and analyze cyber, physical, reputational, and geopolitical threats
β Perform threat actor analysis, including attribution, narrative tracking, and cross-
platform correlation
β Assess threat landscapes and how actors operate, evolve, and communicate
β Monitor global developments and determine how events may materialize into real-
world risk
β Translate external signals into clear business and operational impact
β Leverage tools such as Recorded Future, Liferaft Navigator, and other intelligence
platforms
β Collaborate closely with analysts and stakeholders to advance investigations and
outcomes
β Produce executive-ready reports, briefings, and presentations
Example Problems You’ll Work On
β Investigating potential threats targeting a specific location, asset, or operation using
open-source intelligence
β Identifying online chatter or sentiment that may indicate reputational or physical risk
β Assessing how geopolitical developments (e.g., conflict, supply chain disruption) may
impact operations or industry
β Analyzing emerging threat actors and determining potential intent, capability, and impact
What We’re Looking For
β Elite OSINT capability — strong intuition for where to look, how to pivot sources, and
how to extract signal from noise
β Proven ability to handle ad-hoc, ambiguous investigations and deliver clear outcomes
β Strong investigative tradecraft, including:
β actor mapping
β narrative tracking
β cross-platform correlation
β attribution analysis
β Deep understanding of threat landscapes and threat actor behavior
β Ability to analyze who threats come from, why they exist, and how they may
materialize
β Strong capability in geopolitical analysis and connecting global events to business risk
β Ability to clearly articulate how external developments cascade into operational impact
β Exceptional written communication — able to produce structured, defensible,
executive-ready intelligence
β Strong presentation and briefing skills
β Comfortable operating in fast-moving, high-ambiguity environments
β Collaborative mindset with the ability to work effectively across teams
Basic Qualifications
β 6+ years of experience in Threat Intelligence, OSINT, or investigative analysis
β Demonstrated experience conducting independent, end-to-end investigations
β Experience producing written intelligence reports and/or briefings for stakeholders
Strong Signals (Highly Preferred)
β Experience with Recorded Future, Liferaft, or similar threat intelligence platforms
β Background in Threat Intelligence teams, intelligence analysis, or investigative
roles
β Exposure to cyber, geopolitical, physical, and/or reputational risk analysis
β Experience supporting business, operational, or security decision-making
What This Role Is NOT
To avoid misalignment, this role is not focused on:
β SIEM monitoring (Splunk, QRadar, etc.)
β Incident response or alert triage
β Vulnerability management or patching
Application Requirements (Required)
To be considered, candidates must be able to provide:
β 1–2 examples of investigative or intelligence work (sanitized if necessary)
β A writing sample demonstrating structured analysis and clear communication
Screening Exercise (Required)
Shortlisted candidates will complete a practical exercise such as:
β Investigating a potential threat scenario using open-source intelligence
β Identifying relevant actors, signals, and narratives
β Delivering a concise written assessment of risk and potential impact
We are evaluating analytical thinking, investigative approach, and communication — not
just tools used.
Never miss an opportunity! Create an alert based on the job you applied for.
