Senior Threat Intelligence Analyst

TENEX.AI•Overland Park, KS

3d•Onsite

About The Position

TENEX.AI is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is comprised of industry experts with deep experience in cybersecurity, automation, and AI-driven solutions. We’re a fast growing startup backed by industry experts and top tier investor Andreessen Horowitz. As an early employee, you’ll play a meaningful role in defining and building our culture. Get in on the ground floor. We’re a small but well-funded team that just raised a substantial round – joining now comes with limited risk and unlimited upside. We are rapidly growing and seeking top talent to join our mission of revolutionizing the cybersecurity landscape. We are looking for an investigative Sr. Threat Intelligence Analyst to join our Cybersecurity team. You will be responsible for identifying, evaluating, and communicating threats to our organization. Your primary mission is to turn the "noise" of the global threat landscape into clear, actionable intelligence that our Security Operations Center (SOC) and leadership can use to protect our customers. You will also be instrumental in the building and development of our threat intelligence program, collaborating with various security functions, and proactively identifying and helping to mitigate risks. Culture is one of the most important things at TENEX.AI—check out our culture deck at culture.tenex.ai to experience how we champion it, valuing the unmatched collaboration and community of in-person work while offering flexibility for the best of the best. The ideal candidate will be able to work onsite at our HQ based in Sarasota, FL (Tampa Metro Area) or Overland Park, KS (Kansas City Metro Area) location. If you’re looking at this position and you are not located in either of our physical locations, we strongly recommend you consider accepting one of our lucrative relocation packages to our epic hubs in Sarasota, Florida (outside Tampa), or Overland Park in the Kansas City metro—where trailblazers redefine cybersecurity with 10x impact!

Requirements

Experience: 6+ years of experience in cybersecurity, with at least 4+ years specifically focused on threat intelligence or a closely related field (e.g., Security Operations Center (SOC) analysis).
Knowledge: Familiarity with the Intelligence Cycle, Threat frameworks and methodologies (e.g. MITRE ATT&CK, Diamond Model, Cyber Kill chain, Pyramid of Pain, STIX/TAXII).
Research Skills: Proficiency in OSINT and Commercial tools and techniques (e.g., Shodan, VirusTotal, INTEL471, WHOIS, Maltego).
Communication: Exceptional writing skills; you must be able to explain why a threat matters to the business, not just what the threat is.
Analytical Mindset: Ability to apply structured analytic techniques to avoid cognitive biases in your assessments.
TIP: Experience using Threat Intelligence Platforms (e.g., ThreatConnect, OPEN CTI).
GenAI: LLMs and security information and event management (SIEM) systems and automation
AI-driven Coding: Experience with AI coding platforms (Cursor, Claude etc) and scripting languages
Standard Formats: Knowledge of STIX/TAXII protocols for sharing threat intelligence.
Malware Literacy: Ability to understand a sandbox report or basic static analysis to extract command-and-control (C2) infrastructure.

Nice To Haves

Experience with AI coding platforms (Cursor, Claude etc) and scripting languages (e.g., Python) for data manipulation or automation are a plus.
Relevant cybersecurity certifications (e.g., CompTIA Security+, GCTI, etc.).
You don't just find a malicious IP; you want to find out who owns it and what they were trying to achieve.
You are a continuous learner who follows security researchers on social media and stays up-to-date with the latest Zero-Day disclosures.
You can stay calm and objective during high-pressure security incidents.

Responsibilities

The Intelligence Cycle: Execute all phases of the intelligence lifecycle: planning, collection, analysis, production, and dissemination.
Adversary Profiling: Track specific threat actors and groups. You will map their Tactics, Techniques, and Procedures (TTPs) using the MITRE ATT&CK framework to identify gaps in our current defenses.
Strategic Analysis: Monitor geopolitical events, industry trends, and the dark web to provide "big picture" briefings on how the threat landscape is evolving.
Tactical Support: Extract and validate technical Indicators of Compromise (IOCs) from malware reports and OSINT to ensure our blocklists are high-fidelity and low-noise.
Threat Intelligence Collection: Assist in the proactive research, identification, and collection of threat intelligence from various sources, including open-source intelligence (OSINT), commercial feeds, and internal security data.
Reporting: Produce high-quality written reports, ranging from "Flash Alerts" for urgent threats to monthly blogs or executive summaries for leadership.
Vulnerability Intelligence: Monitor and analyze vulnerability disclosures and exploit trends to provide initial insights into potential risks.
Cross-Functional Collaboration: Act as a bridge between technical teams (Incident Response) and non-technical stakeholders, translating complex exploits into business risk.

Benefits

Opportunity to work with cutting-edge AI-driven cybersecurity technologies and Google SecOps solutions.
Collaborate with a talented and innovative team focused on continuously improving security operations.
Competitive salary and benefits package.
A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume