Cyber Security Threat Intelligence Analyst

We’re seeking a Cyber Threat Intelligence Analyst to proactively monitor, analyze, and respond to emerging cyber threats. This role involves collecting and assessing data from OSINT, threat feeds, and cybersecurity reports to identify patterns and risks. You’ll produce actionable intelligence, collaborate with incident response teams, and help implement detection and mitigation strategies. Key responsibilities include threat research, automation of response workflows, and continuous improvement of threat intelligence processes. You’ll also lead the deployment of CTI platforms (e.g., RecordedFuture), conduct dark web and brand protection monitoring, and mentor team members on best practices.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

● At least 3 years of experience in Cyber Domains
● Experience (at least 2-3 years) with Recorded Future services and other CTI management of the tools available in the platform
● OSINT-Driven Research: You must be proficient in capturing and analyzing open-source intelligence, including domain/DNS lookups, phishing infrastructure identification, dark-web searches, and threat actor profiling.
● Internet Infrastructure Fluency: Solid working knowledge of web infrastructure basics is essential for accurate alert validation.
● Clear & Effective Communicator: You must articulate technical findings clearly—both in written SOPs and spoken briefings—to internal teams and diverse, possibly non-technical, stakeholders.
● Good general knowledge of SOC tools: EDR, MDR, XDR, SIEM, Vulnerability Management, Firewalls, Cloud Security
● Understanding Perceived Adversary Intentions and TTPs
● Leveraging the Diamond Model for Campaign Analysis
● STIX and TAXII consumption
● Building a Campaign Heatmap
● Analysis of Intelligence Reports and operationalising of the info provided
● Priority Intelligence Requirements
● Kill chain, diamond model, and courses of action matrix
● Strategic, operational, and tactical cyber threat intelligence application & fundamentals knowledge
● Familiarity with threat modeling and adversary tracking frameworks such as MITRE ATT&CK, the Cyber Kill Chain, and related models to support campaign clustering, detection development, and strategic reporting
● Detailed understanding of existing APT groups’ past activities, TTPs, motivations, and targeting patterns
● Experience with open-source intelligence-gathering tools and techniques
● Any of the these are assets: GIAC Cyber Threat Intelligence (GCTI) – FOR578, EC-Council C|TIA, CRTIA, MITRE ATT&CK Defense (MAD)

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.