About The Position

Zscaler is a pioneer and global leader in zero trust security. The world’s largest businesses, critical infrastructure organizations, and government agencies rely on Zscaler to secure users, branches, applications, data & devices, and to accelerate digital transformation initiatives. Distributed across more than 160 data centers globally, the Zscaler Zero Trust Exchange platform combined with advanced AI combats billions of cyber threats and policy violations every day and unlocks productivity gains for modern enterprises by reducing costs and complexity. Here, impact in your role matters more than title and trust is built on results. We believe in transparency and value constructive, honest debate—we’re focused on getting to the best ideas, faster. We build high-performing teams that can make an impact quickly and with high quality. To do this, we are building a culture of execution centered on customer obsession, collaboration, ownership and accountability. We champion an “AI Forward, People First” philosophy to help us accelerate and innovate, empowering our people to embrace their potential. If you’re driven by purpose, thrive on solving complex challenges and want to make a positive difference on a global scale, we invite you to bring your talents to Zscaler to help shape the future of cybersecurity.

The Red Canary Intelligence Team conducts in-depth analysis to provide context and help prioritize where to focus detection and response efforts. As a key contributor, you will investigate raw telemetry, analyze suspicious and confirmed threats, and conduct open-source research to associate activity with known adversaries. A significant focus is on modeling and analyzing in the Synapse graph database. Curiosity, adaptability, and a passion for addressing evolving threats will be vital for success in this dynamic, mission-driven team.

Role

We are looking for an experienced Senior Intelligence Analyst to join our Intelligence team. This is a remote role, reporting to the Senior Manager, Intelligence. You will utilize Synapse and Storm Query Language to drive data modeling and analytic workflows, identifying patterns that protect our customers. By investigating telemetry and conducting deep-dive research, you’ll deliver actionable intelligence that communicates TTPs and detection strategies while validating our coverage against an ever-evolving threat landscape.

Requirements

  • Professional experience in Intelligence, Security Operations Center (SOC), Digital Forensics and Incident Response (DFIR), or other security-focused roles
  • Strong analytical skills with the ability to synthesize complex information using graph databases or query languages like SQL, Splunk, Elasticsearch, or Synapse Storm
  • Deep knowledge of cyber threat intelligence concepts including attribution, group naming, assessments, pivoting, and the MITRE ATT&CK® framework
  • Proven experience tracking adversaries, malware families, or activity groups with the ability to differentiate unique and shared characteristics
  • Outstanding communication skills with a track record of translating technical concepts for both subject matter experts and non-technical stakeholders

Nice To Haves

  • Proven leadership mentoring team members and contributing to the development of organizational intelligence expertise
  • Direct experience in capabilities development, threat hunting, or detections development
  • Technical proficiency in software development using C#, Python, Ruby, or similar languages

Responsibilities

  • Utilize Synapse and Storm Query Language for data modeling and analytic workflows while contributing to automation and tool building
  • Investigate telemetry to identify new activity clusters based on malicious and suspicious behaviors observed across the customer base
  • Conduct open and closed source research to analyze threat patterns and author actionable intelligence products regarding TTPs and remediation strategies
  • Actively engage with internal teams, external partners, and the infosec community to share knowledge and enhance global collaboration
  • Validate endpoint, cloud, and identity detection coverage against emerging threats and recommend solutions for visibility gaps in telemetry

Benefits

  • Various health plans
  • Time off plans for vacation and sick time
  • Parental leave options
  • Retirement options
  • Education reimbursement
  • In-office perks, and more!
© 2024 Teal Labs, Inc