With 1,000 intelligence professionals, over $300M in sales, and serving over 1,900 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

HIGHLY DESIRABLE SKILLS/EXPERIENCE (NOT REQUIRED):

• MA/MS or equivalent experience in Computer Science, Computer Engineering, Information Security, or a related field
• Experience writing network and endpoint detection signatures
• Experience with Windows, iOS, Android, macOS, or malware analysis
• Proficiency in a high-priority foreign language, with preference for Arabic, Chinese, Farsi, Korean, Portuguese, Russian, or Spanish
  The base salary range for this full-time position is $127,000 - $160,000. Our salary ranges are determined by role, level, and location. The range displayed reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by state, work location and additional factors, including job-related skills, experience, and relevant education or training. This position may be eligible for incentive compensation, equity, and medical, dental, vision, life insurance and 401K. Your recruiter can share more about the specific details of the compensation and benefit package during the hiring process.
  

  LI-Remote

THIS ROLE:

As a Senior Threat Intelligence Analyst on Insikt Group’s Strategic and Persistent Threats (SPT) team, you will lead efforts to track state-sponsored APT campaigns, mentor peers in intrusion analysis, represent Insikt Group’s expertise externally, and support Recorded Future’s Analyst-on-Demand service.
This role involves both proactive monitoring and in-depth research into threat actor infrastructure, tools, and TTPs, as well as the production of high-impact, client-driven finished intelligence. Your focus will be on state-sponsored cyber threats originating from Iran.

WHAT YOU’LL DO:

• Conduct proactive research on state-sponsored APT activity by synthesizing multiple technical datasets to develop novel insights and high-quality reporting
• Establish and refine methods to track APT campaigns using network, intrusion, and malware analysis
• Hunt for threat actor infrastructure and activity across diverse technical data sources, leveraging banner data, service metadata, and related technical artifacts
• Identify, prioritize, and deploy detection mechanisms for command-and-control infrastructure, malware families, and threat groups of interest
• Continuously evaluate and improve threat intelligence workflows, identifying opportunities to enhance automation, efficiency, and analytic precision
• Stay up to date on evolving APT tradecraft by regularly reviewing technical publications, blogs, and intelligence from trusted sharing communities
• Mentor colleagues on intrusion analysis tradecraft and threat intelligence best practices, fostering a culture of knowledge sharing and continuous development
• Collaborate with geopolitical and regional analysis teams to support cross-functional research
• Propose and evaluate new data sources and analytical methods to enhance or automate the intelligence cycle
• Represent Insikt Group externally as a subject matter expert through customer briefings, media engagements, or public research dissemination
• Collaborate with engineering and data science teams to ensure effective integration of relevant data and analytics into the Recorded Future platform
• Support customer intelligence needs through Recorded Future’s Analyst-on-Demand service