What are the responsibilities and job description for the Threat Intelligence Analyst position at Intelliswift?
Job Title : Threat Intelligence Analyst
Location : San Jose, CA 95110 (Open to hybrid and remote candidates. Preference is candidates that can work a hybrid schedule in San Jose, CA.)
Duration : 6 months
Contract Type : W2 only
Pay Rate : $70.42 / Hour
Duties :
Monitor the cyber threat landscape for emerging threats to client's products, platforms, and customers.
Create scripts and tools to automate threat intelligence collection and enhance efficiency.
Gather and analyze threat intelligence from diverse sources including open-source intelligence (OSINT), commercial threat intelligence feeds, dark web monitoring, and threat intelligence platforms to identify patterns, trends, and potential threats relevant to the client.
Provide timely, actionable intelligence to internal stakeholders, including security operations, incident response, threat hunting, detection engineering, risk management, vulnerability operation center, and executive leadership.
Develop detailed threat actor profiles, risk assessments, and mitigation recommendations specific to Client's technology stack and customer ecosystem.
Share threat intelligence findings with cross-functional teams, enabling proactive risk management across Client's products and services.
Skills :
Threat Analysis & Detection
Identification of Indicators of Compromise (IoCs) : Proficient in recognizing and validating malicious IPs, domains, file hashes, and registry keys.
Tactics, Techniques, and Procedures (TTPs) Analysis : Expertise in mapping adversary behaviors using the MITRE ATT&CK framework to understand attack vectors and predict potential threats.
Advanced Persistent Threat (APT) Profiling : In-depth knowledge of APT groups, their operational methodologies, tools, and geopolitical motivations.
Cybercrime Ecosystem Intelligence : Strong understanding of dark web marketplaces, threat actor infrastructures, ransomware groups, and emerging cybercriminal tactics, techniques, and procedures (TTPs).
Cybersecurity Tools & Technologies
Security Information and Event Management (SIEM) : Hands-on experience with platforms like Splunk, QRadar, and ArcSight for real-time threat detection, event correlation, and log analysis.
Threat Intelligence Platforms (TIPs) : Proficient in using MISP, ThreatQ, Recorded Future, and similar platforms for aggregating, analyzing, and operationalizing threat intelligence feeds.
Log Analysis & Event Correlation : Strong ability to analyze large datasets from diverse sources (firewalls, IDS / IPS, endpoints) to uncover hidden threats.
Vulnerability Management : Understanding CVEs, CVSS scoring, and patch management and familiarity with vulnerability scanning tools (e.g., Nexpose, Qualys)
Scripting & Automation
Programming & Scripting : Proficient in Python, PowerShell, and Bash for automating repetitive tasks, developing custom scripts, and parsing large volumes of threat data.
Data Extraction Techniques : Strong command of regular expressions (RegEx) for advanced data filtering, pattern recognition, and log parsing.
API Integration & Automation : Experience in working with RESTful APIs to automate data collection from open-source intelligence (OSINT) tools and internal security platforms.
Threat Feed Integration : Knowledge of STIX / TAXII protocols for automated sharing and ingestion of structured threat intelligence data across systems.
Soft Skills
Technical & Executive Reporting : Strong report-writing skills for delivering actionable threat intelligence to both technical stakeholders and executive leadership.
Effective Communication : Ability to articulate complex cyber threats clearly and concisely through presentations, dashboards, and briefings tailored to diverse audiences.
Cross-Functional Collaboration : Proven ability to work closely with CSIRT Operations, threat-hunting, Detection Engineering, Vulnerability Management, and other security stakeholders to enhance organizational security posture.
Critical Thinking & Problem-Solving : Strong analytical mindset to assess threat data, identify patterns, and develop strategic responses to emerging threats.
Education :
Bachelor's Degree (Preferred) :
Fields : Cybersecurity, Information Security, Computer Science, Information Technology, or related disciplines.
Focus Areas : Cloud and network security, data analysis, cryptography, incident response, and threat modeling.
Master's Degree (Optional but Advantageous) :
Fields : Cyber Threat Intelligence, Cybersecurity Operations, Digital Forensics, or Risk Management.
Keep a pulse on the job market with advanced job matching technology.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
What is the career path for a Threat Intelligence Analyst?
Sign up to receive alerts about other jobs on the Threat Intelligence Analyst career path by checking the boxes next to the positions that interest you.
