Threat Intelligence Analyst
The Opportunity
Reporting to the Director of Threat Intelligence, this role will be heavily involved in developing and distributing analytical content based on threat intelligence research. You will produce finished analytical products in the form of intelligence briefs, threat reports, whitepapers, and blog posts covering the cyber threat landscape. In this position, you will also actively research various types of cyber attacks using active defense techniques, data analysis, and open source intelligence gathering.
Who you are
- Naturally curious, always wanting to know more about a problem
- Self-directed, detail-oriented problem solver with demonstrated experience in developing and improving processes
- Highly organized with the ability to prioritize and manage workloads effectively
- Anticipate team needs, able to flex and stretch to meet changing business demands
- Ability to collaborate is a must, but you will be autonomous and expected to succeed without a ton of direction
- Default to action; taking initiative and follow-through is a must
- Committed to our core principles and mission; you demonstrate them daily
What you’ll do
- Responsible for the development and publication of customer-facing and external intelligence products
- Perform cutting-edge research on BEC and other types of phishing attacks
- Write external intelligence products (threat reports, whitepapers, blog posts, etc.) based on research findings from the threat intelligence team
- Analyze BEC emails to understand new tactics, techniques, and procedures (TTPs)
- Conduct open source research to collect intelligence from underground forums, dark web blogs, and other communication platforms, such as Telegram and WhatsApp
- Conduct data analysis to identify notable phishing trends
- Maintain an editorial calendar and coordinate publication with other teams
- Communicate analytical findings to various audiences through in-person and virtual presentations
Experience you’ll need
- Experience in operational threat research, intelligence analysis, or investigative journalism
- Ability to write intelligence reports and communicate complex research findings to a broad audience
- Ability to quickly digest raw intelligence and produce well-written analytical products
- Understanding of social engineering techniques and phishing threats
- Knowledge of various types of cyber threats, threat groups, attack vectors, attacker tactics, and countermeasures
- Experience analyzing email-based threats, particularly business email compromise attacks
- Experience with data analysis tools
- Knowledge of cloud-based email architecture
- Prior experience applying the intelligence cycle, from the development of intelligence requirements to producing analytical products
- Strong analytical reasoning, problem solving, and decision making skills
- Ability to work independently and effectively as part of a remote team with minimal supervision
- Passion for helping solve big problems and working with a wide variety of teams to make an impact
Must be able to provide a writing sample demonstrating ability to effectively communicate analytical findings.
Bonus points
- Former experience in the intelligence community or financial industry in an analytical role
- Experience with databases and writing SQL queries
- Experience with APIs and/or basic scripting languages
More About Abnormal Security
Abnormal Security is defining the next generation of email security defense. Our platform uses machine learning and artificial intelligence to baseline communication content, user identity, and behavioral signals in real time and at scale in order to detect the abnormalities of email attacks. Customers love us because we consistently detect and stop what everyone else in the market can’t -- advanced attacks that have never been seen before -- and we do so with beautiful user interfaces and best-in-industry customer support.
Our veteran team has built some of the most enduring machine learning platforms at leading companies including Google, Twitter, Pinterest, Amazon, Microsoft, and Expanse. We are located in San Francisco, CA, New York, NY and Lehi, UT.
Our company is growing - we’re on the Forbes AI 50, selected as a Gartner 2020 Cool Vendor, and our customer base includes multiple Fortune 500 companies.
Abnormal Security is committed to creating a diverse work environment. All qualified applicants will receive consideration without regard to race, religion, gender, gender identity, sexual orientation, national origin, genetics, disability, age, or veteran status.