Cyber Threat Intelligence Analyst

Cyber Threat Intelligence Analyst is responsible for identifying, collecting, analyzing, and documenting the indicators and observables from phishing campaigns and malware binaries to produce actionable, timely intelligence to our broad range of customers.

Essential Duties/Responsibilities

• Analyze email-based threats, including phishing attempts, spear-phishing campaigns, and social engineering tactics to identify malicious activity.
• Analyze attachments, links, and payloads associated with phishing emails, identifying and documenting malware and/or credential phishing payloads and associated artifacts.
• Identify and document indicators of compromise (IOCs) from phishing emails, credential phishing campaigns, and malware samples (e.g., IP addresses, domain names, hashes) for use in identification and remediation efforts.
• Perform opensource based investigations of credential phishing sites and associated infrastructure.
• Stay up to date with evolving phishing tactics, techniques, and procedures (TTPs), emerging malware, and cybersecurity best practices.
• Contribute to analysis reporting on more sophisticated malware and credential phishing, with guidance.
• Contribute insight to in-depth strategic reporting on attacker trends and TTPs.
• Author threat assessments that assist customers in understanding threat s relevance and potential impact.
• Analyze phishing campaigns and related threats to identify patterns, changes, and anomalies.
• Other duties as assigned.

Knowledge, Skills and Abilities Required

• Strong attention to detail and analytical skills.
• Ability to document findings clearly and concisely.
• Excellent communication skills, with the ability to document findings clearly and collaborate with cross-functional teams.
• Self-motivated, eager to learn, and committed to growth in the cybersecurity threat intelligence and analysis field.
• Ability to work in a fast-paced, team-oriented environment.
• Basic understanding of email protocols, headers, and related encoding formats.
• Familiarity with programming and scripting languages (e.g., Python, JavaScript, Visual Basic).
• Basic understanding of malicious software, malware families, and their behaviors.
• Basic familiarity with tactics, techniques, and procedures (TTPs) used in phishing campaigns.
• Quick learner with the ability to adapt to new tools and tradecraft standards.
• Ability to learn and quickly implement tradecraft standards.
• Basic knowledge of common malware families, email-based threats, and tactics used in phishing campaigns.