Canary Wharfian - Online Investment Banking & Finance Community.

Threat Hunter - Senior

Experienced | No visa sponsorship

at Ernst & Young

Big Four

Posted 6 days ago

**Senior Threat Hunter - Cybersecurity** EY seeks a senior-level Threat Hunter to bolster our cybersecurity team. Key responsibilities include monitoring tailored threat intelligence feeds using tools like ZeroFox and Digital Shadows, drafting analytic reports with meticulous detail, and integrating findings into Microsoft Sentinel. The role requires a proactive individual with at least three years of threat intelligence monitoring experience, expertise in Python, Azure, and Linux scripting, and proficiency in OSINT, IOC lookup and validation, and other cyber intelligence gathering techniques. Proficiency in reporting, data visualization, and effective communication in English is essential. This role involves evening shifts (EST) and being on-call for high-priority tasks, with an emphasis on strong collaboration with Managed Security Service Providers (MSSPs) and presenting to stakeholders.

Compensation: Not specified

Currency: Not specified

City: Not specified

Country: India

Full Job Description

At EY, we're all in to shape your future with confidence.

We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.

Join EY and help to build a better working world. 

 

Job Description: Senior Cyber Threat Intelligence Analyst

Position Overview: We are seeking a highly skilled and experienced Senior Cyber Threat Intelligence Analyst to join our cybersecurity team. The ideal candidate will have a strong background in threat intelligence monitoring, report writing, and the use of various threat intelligence platforms. This role requires a proactive individual who can develop and sustain custom threat intelligence feeds, integrate them into SIEMs, and provide in-depth reporting tailored to client needs. The candidate must be comfortable working in the EST timezone (evening shift for overlap with onshore/client team) and be on-call for high-priority urgent tasks.

 

Key Responsibilities:

  • Monitor and analyze threat intelligence using tools such as ZeroFox, Digital Shadows, or similar platforms.
  • Write comprehensive and technical cybersecurity reports with strong attention to detail.
  • Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering.
  • Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux.
  • Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP.
  • Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel.
  • Execute domain and social media account takedowns as necessary.
  • Create custom, in-depth reports specific to client requirements.
  • Apply knowledge of MITRE ATT&CK, D3FEND frameworks, and the Cyber Kill Chain in threat analysis.
  • Utilize Excel and/or Power BI for data visualization and graph creation.
  • Experience with Excel data cleansing, VLOOKUPs, and Pivot Tables.
  • Prepare and deliver PowerPoint presentations and reports to stakeholders.
  • Maintain strong verbal and written communication skills in English.
  • Work independently under pressure and prioritize tasks effectively.
  • Be available for on-call duties for high-priority urgent tasks.
  • Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing work.

 

Qualifications:

  • Minimum of 3 years of experience with threat intelligence monitoring tools.
  • At least 1 year of experience in threat intelligence report writing.
  • Proficiency with OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search.
  • Experience with scripting in Python, Azure, and Linux.
  • Familiarity with one or more threat intelligence platforms for feed management.
  • Experience integrating threat intelligence feeds into SIEMs, especially Microsoft Sentinel.
  • Proven experience with domain and social media account takedowns.
  • Strong understanding of MITRE ATT&CK, D3FEND frameworks, and the Cyber Kill Chain.
  • Excellent English writing skills.
  • Proficiency in Excel and/or Power BI for data visualization.
  • Strong experience with PowerPoint presentations and reporting.
  • Strong verbal English and presentation skills.
  • Cybersecurity certifications (e.g., CompTIA, SANS GIAC, ISC, EC-Council) are a plus.
  • Certifications specific to cyber threat intelligence are an asset.
  • Ability to work in the EST timezone (evening shift for overlap with onshore/client team).
  • Strong analytical skills and ability to prioritize tasks effectively.
  • Experience working with MSSPs for backend and client-facing work.

 

Preferred Skills:

  • Experience with additional threat intelligence platforms.
  • Advanced technical writing and reporting skills.
  • Strong analytical and problem-solving abilities.
  • Ability to work independently and as part of a team.

 

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
