Lead Threat Intelligence Analyst
Share
Job Location:
Salary:
Posted on:
Vacancies:
Job Summary
Come join Deepwatchs team of world-class cybersecurity professionals and the brightest minds in the industry. If youre ready to challenge yourself with work that matters then this is the place for you. Were redefining cybersecurity as one of the fastest growing companies in the U.S. and we have a blast doing it!
Who We Are
Our core values drive everything we do at Deepwatch including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch every decision process and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values we create a culture of excellence that is dedicated to empowering our team members to explore their potential expand their skill sets and achieve their career aspirations which is supported by our unique annual professional development benefit.
Deepwatch recognition includes:
- and 2021 Great Place to Work Certified
- 2024 Military Times Best for Vets Employers
- 2024 US Department of Labor Hire Vets Gold Award
- 2024 Forbes Americas Best Startup Employers
- 2024 Cyber Defense Magazine Global Infosec Awards
- 2023 and 2022 Fortress Cybersecurity Award
- 2023 $180M Series C investment from Springcoast Capital Partners Splunk Ventures and Vista Credit Partners of Vista Equity Partners
- 2022 Cybersecurity Excellence Award for MDR
Lead Threat Intelligence Analyst
Reports to: EVP Global Cyber Operations
As a Lead Threat Intelligence Analyst you will be instrumental in collecting analyzing and disseminating cyber threat intelligence that directly informs and enhances our security awareness detection response and defensive capabilities. Youll leverage your expertise to process large volumes of cyber threat data conduct deep-dive analysis and produce high-quality reports for internal and external role requires a keen eye for detail strong analytic tradecraft and excellent communication skills. Youll play a key role in shaping intelligence-driven security operations while supporting the broader threat intelligence needs of our clients and internal teams.
In this role youll get to:
- Monitor and evaluate publicly available and closed sources selecting and reviewing cyber threat reporting for relevance and actionability.
- Analyze processed threat intelligence correlating and synthesizing findings with other internal and external sources to create a comprehensive threat picture.
- Produce brief high-impact customer-facing summaries highlighting essential facts for internal sharing as well as more detailed formal reports that include key facts technical details threat actor profiling victimology attack chains and TTPs.
- Recommend mitigation measures based on technical analysis and threat assessments to reduce client risk exposure.
- Identify and map key elements from intelligence reports to STIX threat objects for easy consumption by stakeholders and ingestion into the Threat Intelligence Platform.
- Ingest finalized intelligence reports and supporting data into the Threat Intelligence Platform for knowledge management correlation hunting and alerting ensuring accessibility for internal teams and clients.
- Collect process and analyze dark web activity and data leak site listings maintaining a comprehensive leak site database to track trends generate reports and inform clients.
- Create charts graphs and tables to visualize threat actor activity and trends
- Monitor and respond to threat intelligence requests for information (RFIs) for both internal and customer facing teams.
- Participate in incident event escalations by identifying and actioning leads for intelligence reporting.
- Review and approve email notifications blog posts and other customer communications based on finalized threat intelligence reports.
- Provide intelligence-driven support to Security Operations Center Threat Hunting Incident Response and Vulnerability Management teams.
- Brief internal teams clients and executive stakeholders on emerging threats relevant threat actors and mitigation strategies.
- Mentor junior analysts and contribute to the development of Cyber Threat Intelligence team tradecraft and processes.
To be successful in this role youll need to:
- Be proficient in using Threat Intelligence Platforms (TIPs) such as OpenCTI and mapping intelligence data to STIX/TAXII frameworks.
- Demonstrate strong analytic skills in processing correlating and synthesizing multiple sources of intelligence to produce actionable reports.
- Possess SIEM experience or related/equal experience
- Position and discuss security issues with customer technical and leadership audiences to reach positive outcomes
- Demonstrate technical writing skills for customer or executive audiences
- Demonstrate proficiency in English; additional languages are a plus.
- Possess a deep understanding of threat actors their motivations TTPs (aligned to MITRE ATT&CK) and how they target industries and organizations.
- Leverage Scripting experience
- Preferred Industry-Recognized Certifications:
- GIAC Cyber Threat Intelligence (GCTI) GIAC Reverse Engineering Malware (SOC)
- EC-Councils Certified Cyber Intelligence Analyst (CTIA) CRESTs Certified Threat Intelligence ManagerandCREST Registered Threat Intelligence Analyst MITRE ATT&CK Cyber Threat Intelligence Certification.
- Not required but prefer some experience with Malware Analysis Digital Forensics or Incident Response (full packet capture host/network email)
ITAR Compliance
This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application candidates will be asked to confirm that they are a U.S. Person as defined by the following:
- A citizen of the U.S.;
- A lawful permanent resident of the United States;
- A person admitted to the United States as a refugee; or
- A person that has been granted asylum by the United States government.
The intent of this requirement is not to verify employment eligibility overall but to ensure compliance with import/export regulations. If you do not meet these requirements we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.
Statutory Pay Disclosure
The anticipated salary range for this role is $17500 - $190000 bonus stock options benefits. Actual compensation may vary from posted hiring range based upon geographic location work experience education and/or skill level.
What We Offer:
Deepwatch is excited to provide benefits designed to support team members and their families. Including:
- Medical dental vision and disability insurance
- Flexible Time Off (FTO) 11 company holidays sick leave and 8-Weeks Paid Parental Leave
- Unique professional development benefits starting at $3000 annually
- Wellness contests and monthly educational programs
- 401(K) retirement program
- Learn more here: Deepwatch Benefits
We know theconfidence gapandimposter syndrome can get in the way of meeting spectacular candidates so please dont hesitate to apply wed love to hear from you. Please review our DEI Statement here.
- Be interested in and able to work remotely from a home office when not at a corporate office
- Pass a pre-employment background check in accordance with applicable laws
Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race color religion sex national origin age disability status marital status sexual orientation gender identity genetic information protected veteran status or any other characteristic protected by compliance with federal law all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
By submitting your application you agree that Deepwatch may collect your personal data for recruiting global organization planning and related purposes. The Deepwatch Privacy Policy explains what personal information we may process where we may process your personal information our purposes for processing your personal information and the rights you can exercise over Deepwatchs use of your personal information.
Required Experience:
IC
Key Skills
- All-Source Intelligence
- Military Intelligence
- GIS
- ICD Coding
- Intelligence Experience
- Military Experience
- Analysis Skills
- Microsoft Powerpoint
- Joint Operations
- Intelligence Analysis
- Leadership Experience
- Writing Skills
About Company
The Leading Managed Security Platform for the Cyber Resilient Enterprise™, providing advanced threat detection & response capabilities backed by experts.
