Threat Intelligence Analyst

Why it’s worth it:

The ReliaQuest Threat Intelligence team provides timely, comprehensive intelligence that empowers high-fidelity detections, identifies known and emerging threats, and equips our customers with the knowledge to act decisively. Via our industry-leading security operations platform, GreyMatter, we produce operational, strategic, and tactical intelligence thatdelivers actionable insights into threat actortactics, techniques, and procedures. Beyond this, we act as a thought leader in cybersecurity by offeringoriginal insights that highlight our expertise in detecting, containing, investigating, and responding to adversaries. If you thrive in a high-performance environment, this role will challenge you to push your boundaries, innovate continually, and operate at pace.

The everyday hustle:

Identify and evaluate trends, dynamics, and developments in the cyber threat landscape by conducting primary-source research and analyzing telemetry.

Maintain theGreyMatterplatform’s threat intelligence libraryby writing timely, accurate, and relevant customer-facing deliverables covering threat actors, vulnerabilities, campaigns, and malware.

Supply intelligence to internal teams to enrich our threat detection, containment, investigation, and response capabilities. 

Conduct investigations to support fast-turnaround and long-form customer requests for information, including in incident response scenarios.

Publish emergency customer advisories to alert on impactful developments requiring immediate action.

Carry out research and operations on the clear, deep, and dark web, including active threat actor elicitations.

Propose and author extended original research projects to strengthenReliaQuest as a trusted voice and leader within the threat intelligence community.

Act as a trusted technical advisor to customers in ad hoc meetings and regular business reviews, understanding their unique environment and challenges to optimize their cyber resiliency.

Do you have what it takes?

3-4 years’ experience of working in cybersecurityand/or cyber threat intelligence 

A relevant bachelor’s degree (e.g., languages, computer science, cybersecurity, international relations, political science), equivalent education, or appropriate professional experience

Knowledge of cyber adversary tactics, techniques, and procedures (TTPs)

Professional-level Russian with strong reading and writing skills in the Russian-language
 

Proficiency in conducting technical and tactical investigations into atomic IOCs, threat actor methodologies, malware, and vulnerabilities 

Familiarity with the intelligence cycle, structured analytical techniques, and appropriate analytical frameworks (including Cyber Kill Chain, Diamond Model, MITRE ATT&CK) 

Capacity to read security logs and code to understand the content and context

Strong analytical skills, a demonstrated writing ability, and excellent verbal communication 

Experience working in online intelligence investigations and analysis, including strong OSINT skills

Ability to deliver at pace, find solutions, and adapt in a constantlyevolving organization 

What makes you uncommon?

Understanding of cybersecurity and IT disciplines including networking, operating systems, authentication protocols, security incident response, and enterprise technical security solutions (SIEM, IDS/IPS, firewall solutions, offensive security tools)

Basic knowledge of Linux/Unix operating systems

Certifications such as Network+, Security+, CySA+

Experience with scripting or programming, including malware reverse engineering

Professional-level foreign language skills, preferably Russian, Farsi, or Chinese

Data or statistical analysis skills

Familiarity with open, deep, and dark web cybercriminal marketplaces and forums

Experience of online HUMINT operations and/or social engineering techniques