Cyber Threat Intelligence Analyst, Mid
About The Position
The Opportunity: Support the Security Operations Center by collecting, analyzing, and correlating cyber threat intelligence from a wide range of open‑source, commercial, government, and industry partners. Manage and operationalize ThreatConnect to enrich SOC investigations, identify emerging threats, and maintain high‑quality intelligence workflows. Develop and disseminate actionable intelligence products such as reports, alerts, and briefings to inform SOC operations, leadership, and mission stakeholders. Facilitate intelligence sharing and collaboration across interagency and cross‑industry communities such as ISACs and DHS AIS, ensuring timely exchange of relevant threat information. Contributes to the maturity of the CTI program by conducting annual capability assessments, identifying gaps, and developing strategic roadmaps to enhance intelligence processes, tooling, and integration with SOC operations.
Requirements
- 2+ years of experience in cyber threat intelligence, SOC support, or incident response, including intelligence analysis or threat research
- Experience collecting, analyzing, and correlating intelligence from open and closed sources, including government, commercial, and industry feeds
- Experience managing or administering threat intelligence platforms
- Knowledge of intelligence sharing frameworks and communities, including ISACs, DHS AIS, or federal information‑sharing programs
- Knowledge of cyber threat actor tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK
- Ability to develop actionable intelligence products such as reports, alerts, and briefings for technical and non‑technical audiences
- Ability to brief leadership and produce high‑quality analytic products
- Public Trust
- Bachelor’s degree
Nice To Haves
- Experience supporting SOC investigations with threat enrichment, indicator analysis, or adversary profiling
- Experience with structured analytic techniques used in intelligence analysis
- Experience with ThreatConnect playbooks, indicator management, or intelligence lifecycle workflows
- Experience conducting CTI program maturity assessments, gap analyses, or roadmap development
- Knowledge of Zero‑Trust, EDR technologies, or modern enterprise security architectures
- Knowledge of malware analysis fundamentals, network forensics, or threat hunting concepts
- Possession of excellent written and verbal communication skills
- CompTIA CySA+, GIAC Cyber Threat Intelligence (GCTI), GIAC Open-Source Intelligence (GOSI), Certified Threat Intelligence Analyst (CTIA), CISSP or other relevant industry Certification
Responsibilities
- Support the Security Operations Center by collecting, analyzing, and correlating cyber threat intelligence from a wide range of open‑source, commercial, government, and industry partners.
- Manage and operationalize ThreatConnect to enrich SOC investigations, identify emerging threats, and maintain high‑quality intelligence workflows.
- Develop and disseminate actionable intelligence products such as reports, alerts, and briefings to inform SOC operations, leadership, and mission stakeholders.
- Facilitate intelligence sharing and collaboration across interagency and cross‑industry communities such as ISACs and DHS AIS, ensuring timely exchange of relevant threat information.
- Contributes to the maturity of the CTI program by conducting annual capability assessments, identifying gaps, and developing strategic roadmaps to enhance intelligence processes, tooling, and integration with SOC operations.
Benefits
- health
- life
- disability
- financial
- retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
