Cyber Threat Intelligence Analyst

ReliaQuest

IT
Multiple locations
Posted on Wednesday, September 13, 2023

Why it’s worth it:

Are you interested in supporting the production of tactical and strategic intelligence products that draw on primary-source information to provide insights into adversary tactics and techniques, malware, and threat campaigns in the underground cybersphere? Joining ReliaQuest’s Cyber Threat Intelligence team, you will be an integral part of intelligence operations. This is a great opportunity to put language skills to use while conducting cutting-edge threat research, seeking and interpreting restricted intelligence, and delivering intelligence products to a varied audience. If you have a keen interest in broadening your skills, knowledge, and experience within an intelligence environment, this role might be for you.

The everyday hustle:

  • Conduct investigations on the clear, deep, and dark web, identifying English- and foreign-language primary- and/or restricted-access intelligence to support the entire range of the team’s deliverables
  • Follow trends, dynamics, and developments in the cyber threat landscape
  • Identify new threat actors or locations and assess their credibility, motivations, and threat level
  • Write timely, accurate, and relevant customer-facing intelligence deliverables in a variety of formats—including short, fast-turnaround updates and longer-form reports—covering threat actors, vulnerabilities, malware, and cybercriminal locations
  • Conduct investigations to support customer Requests for Intelligence (RFIs) and produce written deliverables according to agreed parameters
  • Research, write, contribute to, and coordinate external-facing papers, blogs, webinars, and podcasts
  • Liaise with other teams within the Threat Research umbrella to deliver primary-source intelligence to enrich internal telemetry efforts investigating credible threats
  • Propose and carry out extended research projects to gather actionable intelligence on the cyber threat landscape
  • Support Threat Research Team Leadership in ensuring team goals are met
  • Meet deadlines and achieve expectations

Do you have what it takes?

  • 3-4 years’ experience of working in cyber security and/or cyber threat intelligence
  • Experience working in online intelligence investigations and analysis, including good OSINT skills
  • Demonstrates a sense of urgency, understands customer needs (internal and external), and is solution-focused
  • Knowledge of cyber threat actors and adversary tactics, techniques, and procedures (TTPs)
  • Strong analytical skills and a demonstrated writing ability
  • Understands channels of communication, delivery of information, tone, and attitude in messaging; has an awareness of cultural differences, inclusiveness, and communication barriers
  • Can adapt to a fast-moving environment to deliver high-quality intelligence content in a short timeframe
  • Comfortable working in cross-functional intelligence teams across different time zones
  • Good understanding of the cyber threat landscape, including threat actor attack methodologies, security postures, and appropriate analytical frameworks (including Cyber Kill Chain, Diamond Model, MITRE ATT&CK)
  • A relevant university degree (e.g., Languages, Computer Science, Cybersecurity, International Relations, Political Science), equivalent education, or appropriate professional experience

What makes you uncommon?

  • Professional-level Russian-, Farsi-, Turkish-, or Spanish-language skills
  • Experience of non-standard vocabulary in a foreign language, e.g., slang and technical jargon
  • Familiarity with foreign- and English-language open, deep, and dark web cybercriminal marketplaces and forums
  • Experience of online HUMINT operations and/or social engineering techniques
  • Experience of tactical investigations into threat actor TTPs, malware, and vulnerabilities
  • A comfortable public speaker, confident to share ideas and insights both internally and externally
  • Awareness of a wide variety of security technologies (e.g., SIEM, EDR)
  • Technical understanding/skills, particularly of cyber security offensive and defensive practices
  • Familiarity with structured analytic techniques for intelligence analysis