What are the responsibilities and job description for the Threat Intelligence Analyst position at Software Guidance and Assistance, Inc.?

Software Guidance & Assistance, Inc., (SGA), is searching for a Threat Intelligence Analyst for a Contract assignment with one of our premier SaaS clients in the San Jose, CA.

Responsibilities :

Monitor the cyber threat landscape for emerging threats to products, platforms, and customers.
Create scripts and tools to automate threat intelligence collection and enhance efficiency.
Gather and analyze threat intelligence from diverse sources including open-source intelligence (OSINT), commercial threat intelligence feeds, dark web monitoring, and threat intelligence platforms to identify patterns, trends, and potential threats.
Provide timely, actionable intelligence to internal stakeholders, including security operations, incident response, threat hunting, detection engineering, risk management, vulnerability operation center, and executive leadership.
Develop detailed threat actor profiles, risk assessments, and mitigation recommendations specific to internal technology stack and customer ecosystem.
Share threat intelligence findings with cross-functional teams, enabling proactive risk management across products and services.

Skills :

Threat Analysis & Detection :

Identification of Indicators of Compromise (IoCs) : Proficient in recognizing and validating malicious IPs, domains, file hashes, and registry keys.

Tactics, Techniques, and Procedures (TTPs) Analysis : Expertise in mapping adversary behaviors using the MITRE ATT&CK framework to understand attack vectors and predict potential threats.

dvanced Persistent Threat (APT) Profiling : In-depth knowledge of APT groups, their operational methodologies, tools, and geopolitical motivations.

Cybercrime Ecosystem Intelligence : Strong understanding of dark web marketplaces, threat actor infrastructures, ransomware groups, and emerging cybercriminal tactics, techniques, and procedures (TTPs).

Cybersecurity Tools & Technologies :

Security Information and Event Management (SIEM) : Hands-on experience with platforms like Splunk, QRadar, and ArcSight for real-time threat detection, event correlation, and log analysis.

Threat Intelligence Platforms (TIPs) : Proficient in using MISP, ThreatQ, Recorded Future, and similar platforms for aggregating, analyzing, and operationalizing threat intelligence feeds.

Log Analysis & Event Correlation : Strong ability to analyze large datasets from diverse sources (firewalls, IDS / IPS, endpoints) to uncover hidden threats.

Vulnerability Management : Understanding CVEs, CVSS scoring, and patch management and familiarity with vulnerability scanning tools (e.g., Nexpose, Qualys)

Scripting & Automation :

Programming & Scripting : Proficient in Python, PowerShell, and Bash for automating repetitive tasks, developing custom scripts, and parsing large volumes of threat data.

Data Extraction Techniques : Strong command of regular expressions (RegEx) for advanced data filtering, pattern recognition, and log parsing.

PI Integration & Automation : Experience in working with RESTful APIs to automate data collection from open-source intelligence (OSINT) tools and internal security platforms.

Threat Feed Integration : Knowledge of STIX / TAXII protocols for automated sharing and ingestion of structured threat intelligence data across systems.

Soft Skills :

Technical & Executive Reporting : Strong report-writing skills for delivering actionable threat intelligence to both technical stakeholders and executive leadership.

Effective Communication : Ability to articulate complex cyber threats clearly and concisely through presentations, dashboards, and briefings tailored to diverse audiences.

Cross-Functional Collaboration : Proven ability to work closely with CSIRT Operations, threat-hunting, Detection Engineering, Vulnerability Management, and other security stakeholders to enhance organizational security posture.

Critical Thinking & Problem-Solving : Strong analytical mindset to assess threat data, identify patterns, and develop strategic responses to emerging threats.

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission : to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values : customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company EEO page to request an accommodation or assistance regarding our policy.

Apply for this job

Receive alerts for other Threat Intelligence Analyst job openings

Threat Intelligence Analyst

What are the responsibilities and job description for the Threat Intelligence Analyst position at Software Guidance and Assistance, Inc.?

What is the career path for a Threat Intelligence Analyst?

Job openings at Software Guidance and Assistance, Inc.

Not the job you're looking for? Here are some other Threat Intelligence Analyst jobs in the San Jose, CA area that may be a better fit.

We don't have any other Threat Intelligence Analyst jobs in the San Jose, CA area right now.

AI Assistant is available now!