Cyber Threat Intelligence (CTI) Analyst III

ExtraHop
Full-time
USA
$140k-$160k per year
Senior Level
Posted 4 months ago
analyst python sql linux security
Go ad-free with Premium ×
The job listing has expired. Unfortunately, the hiring company is no longer accepting new applications.

To see similar active jobs please follow this link: Remote Management jobs

Position Summary

We are seeking an experienced Cyber Threat Intelligence (CTI) Analyst to join our Threat Research team in identifying, analysing, and communicating emerging cyber threats. This role operates alongside Senior CTI Analysts, focusing on deep technical research, adversary tracking and collaboration across teams to support ExtraHop’s detection and intelligence capabilities.

Key Responsibilities

  • Threat intelligence research and analysis:

    • Conduct in-depth research on emerging network security threats, threat actors, vulnerabilities, and malware campaigns.

    • Generate, collect, and enrich internal threat intelligence, including collections of IOCs, and Threat Actor Profiles.

    • Analyze customer logs and telemetry to identify new and novel threats.

    • Reproduce and simulate attack techniques in lab environments to understand their network signatures and to ensure thorough detection coverage. 

    • Continuously monitor threat intelligence sources to stay on top of emerging threats and trends.

    • Present findings and work results to other internal teams.

  • Content creation:

    • Produce high-quality, customer-facing strategic, operational, and tactical-level written assessments, including white papers, blog posts, and case studies.

    • Create and deliver engaging webinars, video content, and presentations to communicate research findings to both technical and non-technical audiences.

    • Work closely with the marketing team to craft messages that align with the company’s brand and objectives.

  • Mentorship:

    • Mentor others regarding Threat Intelligence, intelligence writing, threat actor tracking and attribution, and threat hunting. 

Required Qualifications

  • 5+ years of experience in threat research or threat intelligence

  • Subject Matter Expert (SME) for cyber threat actors TTPs.

  • Proven experience applying structure analytical techniques and intelligence methodologies to assess adversary activity, including the intelligence cycle, intelligence writing best practices, and frameworks such as the Diamond Model

  • Familiarity with threat modeling and adversary tracking frameworks such as MITRE ATT&CK, the Cyber Kill Chain, and related models to support campaign clustering, detection development, and intelligence reporting

  • Experience is producing public-facing strategic, operational, and tactical-level written content, including white papers, blog posts, newsletters, and/or video content, such as webinars

  • Experience with data aggregation, hunting and analysis tools, such as Synapse, MISP, or OpenCTI

  • Comfortable using SQL or other query language for threat hunting

Preferred Qualifications

  • Understanding of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7

  • Experience with security tools such as Kali Linux, Wireshark, TShark, tcpdump, Suricata, or other packet capture/analysis tools

  • Experience in detecting and reproducing network attacks, such as vulnerability exploitation, system discovery, and lateral movement techniques

  • In-depth knowledge of Windows protocols and attack techniques

  • Proficient in at least one scripting or programming language (e.g., Python, JavaScript, Golang, YAML/TOML, etc.)

  • Familiarity with software development tools such as: gitlab, github

  • Experience working with cross-functional teams, including marketing and sales

The salary range for this role is $140,000 - $160,000 + bonus + benefits

Go ad-free with Premium ×
About the Job
Full-time
USA
Senior Level
$140k-$160k per year
Posted 4 months ago
analyst python sql linux security
Check if your resume is a good fit
25/100
Get Full Report
+ 1,284 new jobs added today
30,000+
Remote Jobs

Don't miss out — new listings every hour

Join Premium

Cyber Threat Intelligence (CTI) Analyst III

ExtraHop
The job listing has expired. Unfortunately, the hiring company is no longer accepting new applications.

To see similar active jobs please follow this link: Remote Management jobs

Position Summary

We are seeking an experienced Cyber Threat Intelligence (CTI) Analyst to join our Threat Research team in identifying, analysing, and communicating emerging cyber threats. This role operates alongside Senior CTI Analysts, focusing on deep technical research, adversary tracking and collaboration across teams to support ExtraHop’s detection and intelligence capabilities.

Key Responsibilities

  • Threat intelligence research and analysis:

    • Conduct in-depth research on emerging network security threats, threat actors, vulnerabilities, and malware campaigns.

    • Generate, collect, and enrich internal threat intelligence, including collections of IOCs, and Threat Actor Profiles.

    • Analyze customer logs and telemetry to identify new and novel threats.

    • Reproduce and simulate attack techniques in lab environments to understand their network signatures and to ensure thorough detection coverage. 

    • Continuously monitor threat intelligence sources to stay on top of emerging threats and trends.

    • Present findings and work results to other internal teams.

  • Content creation:

    • Produce high-quality, customer-facing strategic, operational, and tactical-level written assessments, including white papers, blog posts, and case studies.

    • Create and deliver engaging webinars, video content, and presentations to communicate research findings to both technical and non-technical audiences.

    • Work closely with the marketing team to craft messages that align with the company’s brand and objectives.

  • Mentorship:

    • Mentor others regarding Threat Intelligence, intelligence writing, threat actor tracking and attribution, and threat hunting. 

Required Qualifications

  • 5+ years of experience in threat research or threat intelligence

  • Subject Matter Expert (SME) for cyber threat actors TTPs.

  • Proven experience applying structure analytical techniques and intelligence methodologies to assess adversary activity, including the intelligence cycle, intelligence writing best practices, and frameworks such as the Diamond Model

  • Familiarity with threat modeling and adversary tracking frameworks such as MITRE ATT&CK, the Cyber Kill Chain, and related models to support campaign clustering, detection development, and intelligence reporting

  • Experience is producing public-facing strategic, operational, and tactical-level written content, including white papers, blog posts, newsletters, and/or video content, such as webinars

  • Experience with data aggregation, hunting and analysis tools, such as Synapse, MISP, or OpenCTI

  • Comfortable using SQL or other query language for threat hunting

Preferred Qualifications

  • Understanding of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7

  • Experience with security tools such as Kali Linux, Wireshark, TShark, tcpdump, Suricata, or other packet capture/analysis tools

  • Experience in detecting and reproducing network attacks, such as vulnerability exploitation, system discovery, and lateral movement techniques

  • In-depth knowledge of Windows protocols and attack techniques

  • Proficient in at least one scripting or programming language (e.g., Python, JavaScript, Golang, YAML/TOML, etc.)

  • Familiarity with software development tools such as: gitlab, github

  • Experience working with cross-functional teams, including marketing and sales

The salary range for this role is $140,000 - $160,000 + bonus + benefits