Senior Threat Intelligence Researcher (US Remote)

About the position Responsibilities • Conduct proactive investigations into cybercriminal underground economies, hidden sites, and forums of interest to identify emerging threats. • Identify emerging operations and trends by conducting extensive research into cyber, physical, and information-related threat activity. • Provide actionable communications, countermeasures, and recommendations for decision-makers with minimal oversight. • Use a Threat Intelligence Platform (TIP) to collect, organize, correlate, and analyze cyber threat data from various sources. • Implement data analysis practices to assess trends and patterns in cyber, physical, and information operations networks. • Conduct in-depth analysis of malicious and suspicious code to understand the nature of threats. • Identify, monitor, track, and catalog threat actors, their ideologies, and tactics. • Generate briefing materials, written products, and simple graphics to convey analysis verbally and in writing. • Lead the acquisition, monitoring, and analysis of raw data, turning unstructured information into actionable intelligence. • Design, implement, and maintain tools and services for secure data collection, extraction, and analysis. • Apply and refine secure operational tradecraft principles to ensure the integrity of research operations. • Work with cross-functional teams, including Intelligence, Product, and Engineering, to integrate research findings into Anomali's platform. • Develop and utilize APIs for system integration and advanced data retrieval. Requirements • Bachelor's degree or an additional 3 years of experience in Cybersecurity, Computer Science, Data Science, Intelligence Studies, or relevant work, in lieu of degree. • 4+ years of professional experience in cyber threat intelligence, open-source intelligence, or information security. • Proven ability to design, implement, and interact with RESTful and other API types for data retrieval and integration. • Deep understanding of technical terminology, tools, and tactics used by state-backed and cybercriminal adversaries. • Experience navigating and analyzing large, unstructured datasets. • Comprehensive knowledge of operational security (OPSEC) principles and best practices. • Ability to work collaboratively in a remote team environment across different time zones. • This position is not eligible for employment visa sponsorship. Nice-to-haves • Additional language expertise (e.g., Russian, Mandarin, Spanish, Farsi, Arabic, Japanese, French). • Background in the intelligence community or cyber threat intelligence research. • Demonstrated engagement in the security or academic research communities, or open-source software development. • Formal intelligence analysis training. • Familiarity with building and deploying tools for internal use by research teams. • Certifications in related areas (e.g., GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc.). • Basic knowledge of programming/scripting languages (Python, Bash, Perl, C/C++, or JavaScript) and Structured Query Language (SQL). Apply tot his job Apply tot his job Apply tot his job