San Francisco, United States | Posted on 04/16/2025 Location: 100% Remote (USA)

Job Type: Full-Time

Department: Information Security / Cybersecurity

Position Overview A top leading U.S tech company is seeking a Cyber Threat Intelligence (CTI) Analyst to join a growing security team. The successful candidate will be responsible for identifying, analysing, and reporting on current and emerging cyber threats. This role plays a crucial part in enhancing our threat detection capabilities, supporting incident response, and improving our overall security posture.

Key Responsibilities Collect, analyse, and disseminate threat intelligence from open-source, commercial, and proprietary sources. Monitor and evaluate cyber threat trends, tactics, techniques, and procedures (TTPs). Produce actionable intelligence reports, threat briefings, and alerts tailored to technical and non-technical audiences. Support the detection, analysis, and response to cyber threats in collaboration with SOC, IR, and vulnerability management teams. Track threat actors and campaigns relevant to the organization’s risk profile and industry sector. Perform malware analysis, phishing campaign tracking, and IOC enrichment. Maintain CTI platforms, threat feeds, and threat intelligence tools. Provide strategic intelligence to inform risk assessments and security program planning. Collaborate with law enforcement, Information Sharing and Analysis Centres (ISACs), and industry threat-sharing communities.

Requirements 3+ years of experience in cybersecurity with at least 1-2 years in a CTI role. Strong understanding of the cyber threat landscape, APT groups, and cybercrime. Familiarity with MITRE ATT&CK, Diamond Model, and Kill Chain frameworks. Experience working with threat intelligence platforms (TIPs), SIEMs, and SOARs. Knowledge of IOCs, TTPs, and IOC enrichment tools (VirusTotal, Shodan, ThreatFox, etc.). Excellent written and verbal communication skills.

Preferred:

Experience supporting threat hunting and incident response efforts. Familiarity with scripting languages (Python, PowerShell) and automation tools. Knowledge of cloud security (AWS, Azure, GCP) threat vectors. Relevant certifications such as GCTI, GCIA, CEH, CISSP, or equivalent.

#J-18808-Ljbffr