Threat Intelligence Analyst

About The Position

Requirements

• 2–4 years of experience in threat intelligence or cyber investigations, with a focus on dark web or underground threat monitoring.
• Strong knowledge of dark web platforms such as TOR, I2P, and decentralized forums.
• Familiarity with OSINT techniques, operational tooling (e.g., Maltego, Recon-ng), and data enrichment strategies.
• Ability to recognize and interpret threat actor behavior, indicators of compromise (IOCs), and relevant geopolitical or industry trends.
• Solid writing and analytical communication skills, with the ability to create both tactical alerts and strategic reports.

Nice To Haves

• Experience conducting HUMINT or dark web engagement in a secure and ethical manner.
• Foreign language skills relevant to threat actors (e.g., Russian, Arabic, Mandarin) are a significant advantage.
• Familiarity with cybercrime ecosystems (initial access brokers, ransomware affiliates, data extortion groups).
• Previous experience supporting law enforcement, CTI platforms, or security product development is a plus.
• Certifications such as GIAC GCTI, CREST CTIM, or other intelligence-specific training.

Responsibilities

• Monitor and investigate activity across dark web forums, marketplaces, encrypted messaging platforms, and other covert channels.
• Track threat actor behavior, campaigns, and emerging TTPs (tactics, techniques, and procedures).
• Collect, tag, and analyze relevant data including leaks, malware distribution, initial access sales, and exploit trade.
• Produce high-quality intelligence reports, alerts, and briefings tailored to both technical and executive audiences.
• Work with product, research, and exposure teams to enrich findings with external data and client relevance.
• Maintain strong operational security (OPSEC) protocols during intelligence gathering and engagement.