Back to jobs
tags.new

Threat Intelligence Analyst

Remote - Australia

With 1,000+ intelligence professionals serving over 1,900 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

The Research on Request Team at Recorded Future is looking for a Threat Intelligence Analyst to assist in producing consistently high quality cyber threat intelligence to clients based on their specific intelligence requirements. This production will likely involve the review and analysis of infrastructure associated with a specific threat actor or campaign, or analysis of indicators associated with a specific incident. In additional, this analysis will be expected to product analysis in line with more general requirements, such as research into overall threats to an industry, region, or technology. The analyst will be primarily responsible for ad hoc intelligence requests. Writing either ad hoc or regular reports requires the ability to work with or automate regularly recurring datasets, while also requiring flexibility to quickly research and analyze a broad spectrum of cyber threat activity, from new attacks against automotive technology to patterns in malware development.

 

What You'll Do: 

  • Produce and review finished intelligence reports that address clients’ priority intelligence requirements across a broad range of cyber threat activity topics
  • Research indicators of threat activity in the form of netflow / networking data, website / domain / IP infrastructure, security tooling logs, and email metadata
  • Engage with clients across report lifecycle: initial scoping, finished intelligence delivery, and follow-up review / support
  • Develop novel, automated, or simpler processes for research and analysis
  • Work on projects across multiple research teams with sometimes tight deadlines

What You'll Bring:

  • 2+ years experience as a threat intelligence analyst or in similar position
  • BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field
  • Strong understanding of TCP/IP, DNS, HTTP/S, SMTP, and common application-layer protocols
  • Ability to analyze netflow data (e.g., source/destination IPs, ports, protocols, volumes, timing)
  • Familiarity with routing, ASNs, CIDR, and IP ownership (WHOIS, RIRs)
  • Experience investigating malicious domains, URLs, and IP addresses
  • Familiarity with attacker infrastructure patterns (e.g., fast-flux, bulletproof hosting, VPS abuse, CDNs, domain generation algorithms)
  • Ability to pivot across infrastructure artifacts to identify related activity
  • Understanding of email headers and metadata (SPF, DKIM, DMARC, Message-ID, Received headers)
  • Experience analyzing phishing, spoofing, and campaign-level email infrastructure
  • Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain
  • Familiarity with and use of common cyber threat intelligence tools such as DomainTools, VirusTotal, SHODAN, etc.
  • Ability to understand and analyze malicious scripts or artifacts written in common scripting languages such as Python, JavaScript, XML, etc.
  • Demonstrable experience researching and analyzing cyber threats across either a) multiple industries or b) multiple timeframes. Including but not limited to finance, manufacturing, IT  services, healthcare, and public sector. 
  • Managing client expectations based on pre-established scope of work and delivery timeframe 
  • Ability to convey complex technical and non-technical concepts with intent of delivering value to each client
  • Excellent writing skills are mandatory, to be assessed via a writing sample

Preferred Qualifications:

  • Ability to analyze malware samples, including both static and dynamic analysis
  • Working knowledge of at least one language other than English, with relevance preferred for regions with more active or sophisticated cyberattackers
  • Experience working with clients to produce intelligence requirements, or reports / research in line with such requirements
  • Demonstrable experience of conducting cyber threat investigations 

#LI-Remote

Why should you join Recorded Future?
Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.6-star user rating on G2 and more than 50% of Fortune 100 companies as customers.

Want more info? 
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Linkedin, Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles.  By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.

If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at careers@recordedfuture.com 

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.

Recorded Future does not administer a lie detector test as a condition of employment or continued employment. This is in compliance with the law of the Commonwealth of Massachusetts, and in alignment with our hiring practices across all jurisdictions.

Notice to Agency and Search Firm Representatives:
Recorded Future will not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to Recorded Future, including those sent to our employees or through our website, will become the property of Recorded Future. Recorded Future will not be liable for any fees related to unsolicited resumes.

Agencies must have a valid written agreement in place with Recorded Future's recruitment team and must receive written authorization before submitting resumes. Submissions made without such agreements and authorization will not be accepted and no fees will be paid.

Note: Our interview process for all final-round candidates requires a mandatory in-person interview or a live, scheduled video conference with the hiring manager. We do not conduct interviews via instant messaging or text. All communications during the application process will come from individuals within our HR department via their Recorded Future email address.

Create a Job Alert

Interested in building your career at Recorded Future? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Select...
Select...
Select...
Select...

If No, enter "N/A". If Yes please provide: (1) the name of the Mastercard or Recorded Future employee you have a close personal relationship with, and (2) the nature of that relationship.

Examples of close personal relationships include relatives (parent, grandparent, child, sibling, spouse, significant other, domestic partner, common law spouse, aunt/uncle, niece/nephew, cousin, in-law, and step/half relative); current or previous romantic or dating partners (no matter how casual); and any other relationship that is likely to or creates an actual or perceived conflict of interest or appearance of favoritism (for example, roommates and close friends). Close personal relationships would generally not include any former co-workers or managers with whom you do not regularly socialize outside of work.

 If No, enter "N/A." If Yes, please provide: (1) the name of the entity for which you will be performing the outside activity and the entity’s website, if available; (2) a description of what the entity does and the industry in which it operates; (3) a description of your role at the entity; and (4) the number of hours you will devote to the activity each month.

Examples of outside employment/activities include paid employment or other lawful money-making (cash or cash equivalent) activity that will not be part of your official role at Recorded Future; service on the board of directors or an advisory board of any entity (including non-profit), even if the position is unpaid; and service (paid or unpaid) in any national, state, provincial, regional, or local government, including any government department, ministry, agency, authority, commission, legislature, council, other public body (such as the World Bank or other public international organization), or state-owned enterprise.

If No, enter "N/A". If Yes, please describe the contract(s), the nature of your involvement, and list the name(s) of the involved Mastercard or Recorded Future employee(s). 

If No, enter "N/A". If Yes, please state the name of the individual, his/her employer and the nature of your relationship to this individual. If you answered "No", enter N/A

If Yes, please describe. If No, enter "N/A"

If yes, state the name of the individual, his/her employer and the nature of your relationship to this individual. If No, enter "N/A"

Recorded Future – Candidate Privacy Notice *

This candidate privacy notice explains who we are, why and how we process personal data relating to candidates and, if you are the subject of any of the personal data concerned, your rights and our contact details if you want further information or help.

When you apply for a job on www.recordedfuture.com the personal data contained in your application will be collected and processed by Recorded Future, Inc. (“we, us, our”). For the purposes of European Economic Area data protection law, (the "Data Protection Law"), the data controller is: Recorded Future, Inc., 363 Highland Avenue, Somerville, MA 02144, recruiting@recordedfuture.com ("Controller"). Our data protection officer is Frederic Wolens, who can be contacted at privacy@recordedfuture.com

We may process personal data relating to you that we have either obtained from you, or obtained from a third party including your previous or existing employers or reference agencies.  

Personal data we may collect from you:

-Your name and contact information (home address, home phone number, personal mobile number, personal email address).
-Your country of residence, citizenship, passport information and information relevant to your right of residence or right to work.
-Your date of birth.
-Your national insurance or social security details, or other similar information that is used by the government to identify you.
-Your gender.
-Your bank account information or other related financial details.
-Details of your education and previous employment history.
-Your driver's license and related information
-Your photograph.

We may process special categories of information relating to you. The processing of this information is strictly controlled by applicable law and will only be processed in limited circumstances, and may include:

Information relating to your physical characteristics, health or any disabilities, where this is relevant to your occupation or employment (for example, for the purposes of occupational health).

Information relating to your marital status, racial characteristics or sexual orientation where this is relevant to, for example, diversity monitoring.  This will normally only be processed with your consent in which case you are free to choose to provide this information, or not.

Your personal data will be processed for our legitimate interests for the purpose of managing our recruitment related activities, which include the setting up and conducting of interviews and tests for applicants, evaluating and assessing the results thereto and the selection of applicants for employment. As part of the recruitment and hiring processes we will need to process your personal data for the performance of a contract where we have offered you a position with our company.

Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by us to help manage our recruitment and hiring process on our behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards under the EU-US Privacy Shield.

Your personal data will be retained by us for as long as we decide that it is necessary to evaluate your application and determine whether to make you an offer of employment. After which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or for another legitimate and lawful purpose.

Under the GDPR, you have the right to request (i) access to your personal data, (ii) that your personal data be rectified or erased; and (iii) that processing of your personal data be restricted. You also have the right to data portability. In addition, you may lodge a complaint with your local supervisory authority. The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data.

Voluntary Request to Self Identify (APJ)

Recorded Future values and understands the benefits of a diverse workforce and, as such, are committed to hiring the best talent from a wide range of diverse backgrounds and characteristics.

To provide us the insight necessary to understand the diversity make-up of the talent we are attracting, we offer our applicants the option to voluntarily complete a short, confidential and anonymous survey.  

Should you volunteer to provide your details, the information will not be held or associated with your job application and are only used for internal analysis purposes.  Please only provide details where you are comfortable to do so and are in line with local law in your jurisdiction.  Your decision to participate is not known and has no correlation to your job application in any way. 

Thank you in advance for your support in our commitment to continuously strive towards a diverse workforce. 

Select...
Select...