Equiliem
Cyber Threat Intelligence Analyst
Equiliem, Chicago, Illinois, United States, 60290
We are seeking a skilled Cyber Threat Intelligence Analyst with hands-on experience in relevant areas such as threat hunting, purple teaming, security engineering, and/or incident response. If you're passionate about cybersecurity, proactive in identifying threats, and adept at engineering robust security solutions, we want to hear from you.
Key Responsibilities:
o Collect, analyze, and disseminate actionable threat intelligence from open sources, private feeds, and internal telemetry.
o Track threat actor activity, tactics, techniques, and procedures (TTPs) to assess potential risks to the organization.
o Develop and maintain threat intelligence reports, including analysis of relevant threat actors, CVEs, exploits, and malware.
o Conduct proactive threat hunts to identify malicious activity within the organization's environment.
o Develop and execute hypotheses based on threat intelligence, behavioral analytics, and organizational risk.
o Utilize advanced tools such as EDR/XDR, SIEM, SOAR, and threat intelligence platforms (TIPs) to identify indicators of compromise (IOCs).
o Design, deploy, and/or manage technologies that support CTI, threat hunting, and purple team initiatives such as MISP, OpenCTI, Vectr.io, and ServiceNow (SNOW) for CTI and purple teaming.
o Develop integrations between tools to enhance threat intelligence workflows and operational efficiency.
o Collaborate with other security and IT teams to enhance monitoring, detection, and response capabilities.
o Create and optimize security use cases, rules, and dashboards for continuous monitoring.
Required Qualifications:
* Bachelor's degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
* 3+ years of experience in cybersecurity roles, with a focus on threat intelligence, threat hunting, or security engineering.
* Hands-on experience with tools such as Splunk, ELK Stack, ThreatConnect, MISP, Anomali, or other threat intelligence platforms.
* Proficiency in scripting languages (e.g., Python, PowerShell) for automating tasks.
* Deep understanding of TTPs, the MITRE ATT&CK framework, and IOC analysis.
* Familiarity with vulnerability management processes and patching prioritization.
* Travel - Occasional, based on issues, system requirements, training, etc.
Preferred Qualifications:
* Master's degree in a relevant field.
* Relevant certifications such as GCTI, CPTIA, CRTIA, CCTIA, GREM, OSCP, CEH, or CISSP.
* Experience with cloud security platforms and tools (e.g., AWS, Azure, GCP).
* Knowledge of reverse engineering or malware analysis.
* Experience deploying and managing CTI and purple team platforms such as Vectr.io, OpenCTI, MISP, Cortex, or ServiceNow.
Key Competencies:
* Strong analytical and problem-solving skills.
* Ability to work independently and within a team.
* Excellent communication skills, with the ability to translate technical findings into business-level context.
* Continuous learning mindset and adaptability to evolving threats and technologies.