Analyst, Cybercrime Intelligence Analysis (Europe, Remote)

Company Overview:

Intel 471 empowers enterprises, government agencies and other organizations to win the cybersecurity war using the real-time insights about adversaries, their relationships, intentions, threat patterns and imminent attacks relevant to their businesses. The company’s platform collects, interprets, structures and validates human-led, automation-enhanced intelligence, which fuels our external attack surface and advanced behavioral threat hunting solutions. Customers utilize this operationalized intelligence to drive a proactive response to neutralize threats and mitigate risk. Organizations across the globe leverage Intel 471’s

world-class intelligence, our trusted practitioner engagement and enablement, and globally-dispersed ground expertise as their frontline guardian against the ever-evolving landscape of cyber threats to fight the adversary — and win.

The Role:

Intel 471 is looking for an Intelligence Analyst to join our world-class team, reporting to the Team Lead of Cyber Crime Intel Analysis team. The role can be located in Europe on a remote basis and is full time.

Are you experienced in cybersecurity and ready to apply your skills in a more strategic, intelligence-driven role? Do you understand the intelligence cycle and how to operationalize it in real-world environments? We’re looking for professionals who think critically, are eager to learn and have a strong interest in understanding underground ecosystems, cybercriminal operations and adversary behaviors.

Your work will directly support defenders across multiple industries and organizations, enabling teams to anticipate threats, make informed decisions and protect corporate environments with greater efficiency and effectiveness.

Key Duties and Responsibilities:

• Support analysis of adversaries, emerging threats, intrusion campaigns, underground services and relevant cybersecurity incidents or events.
• Collect and analyze information from a variety of sources, to generate tactical finished intelligence products.
• Perform analysis of tactics, techniques and procedures (TTPs) from intrusions and cybercriminal activity.
• Conduct attribution analysis and identify overlaps between adversaries and activity clusters.
• Leverage analytical tools, technologies, methodologies and data platforms to enhance intelligence products and capabilities.
• Provide independent timely, tactical intelligence analysis and research support for bespoke customer engagements and requests for information (RFIs).
• Support our data collection efforts and artificial intelligence-enhanced automation workflows.
  
• Develop and provide intelligence briefings to support internal and external speaking events with a view to expand brand awareness and support the go-to-market effort.
• Collaborate internally with an experienced, globally diverse, cross-cultural team to aid the collection, analysis and production of intelligence.
• Generate intelligence bulletins (IBs), adversaries’ profiles, regional and industry-focused reports, weekly briefings, monthly and annual reports.

Education, Experience & Qualifications:

Candidates must have:

• Understanding of how cyber threat intelligence (CTI) supports and protects business operations by enabling informed risk mitigation and decision-making.
• Understanding of how CTI enhances enterprise security capabilities and directly enables teams such as Security Operations Center (SOC), Incident Response (IR), Threat Hunting, Fraud Prevention, Vulnerability Management and Security Engineering through actionable, relevant and timely intelligence.
• Knowledge of at least some of the following security technologies and platforms that directly benefit from CTI integration such as Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Threat Intelligence Platforms (TIP), firewalls, Intrusion Prevention Systems (IPS), Identity and Access Management (IAM), cloud security controls and other related technologies.
• Knowledge of the cybercriminal underground landscape including:
  • Common intrusion TTPs, malware operations, vulnerabilities, exploits, carding, financial fraud, etc.
  • Malware, fraud and phishing campaigns and infrastructure related to them.
  • Understanding of the interdependencies between cybercriminal enabling services, commodity products, compromised information/data, monetization schemes and the threat actors involved.
  • Proficient in open-source intelligence (OSINT) research and common tool sets.
  • Understanding of the nexus between geopolitics and cybercrime.
• The ability to collaborate in a remote team, but also work independently.
• Excellent written and spoken communication, interpersonal and problem-solving skills.
• A self-starter, motivated to take ownership, lead people and drive projects from initiation to completion.

Strong candidates will have:

• Demonstrated cybersecurity experience in one or more of the following or related areas: Incident Response (IR), Penetration Testing, Red Teaming, Threat Hunting, Vulnerability Management, Malware Analysis, Fraud Analysis or CTI.
• Proven ability to consistently produce high-quality reports, connecting relevant and timely intelligence to support stakeholder use cases.
• Proven ability with the intelligence cycle and cybersecurity frameworks such as MITRE ATT&CK, Diamond Model, Pyramid of Pain and Cyber Kill Chain.
• Excellent time management and organization skills.
• Proven proficiency in analytical methodologies such as critical thinking, logical reasoning and techniques to minimize cognitive bias.
• Demonstrated proficiency with underground investigations, intrusion campaigns tracking or malware analysis.
  

The role involves occasional travel within the U.S., Europe and Asia. You will be expected to interact and work closely with other areas of the company as needed and keep in regular contact with our international team located across the globe, so comfortably working with diverse professional and cultural backgrounds is required.

Benefits:

• Competitive compensation
• Remote-friendly culture
• Wellness programs
• Employee recognition program
• A variety of professional development opportunities
• Inclusive culture focused on people, customers and innovation

Our Culture:

The Intel 471 team is constantly growing and is always on the lookout for talented professionals who seek to operate on the forefront of the fight against threat actors impacting our customers and partners. Our culture of humility and quiet professionalism is a core attribute of Intel 471 and everyone within it. Our culture is collaborative, supportive and fast-paced. We're a mission-driven company. We're looking for talented, 'can-do' minded people with a passion for always doing the right thing.

We believe in supporting a progressive culture that allows all our people to be themselves, enjoy exciting opportunities and grow with us. That's why our culture is founded on our core values of openness, inclusion, integrity and client focus, which set the tone for how we work together and treat each other in order to empower us all – and foster a unique team spirit. View our Culture Guide to find out more about us and what it’s like to work for Intel 471!