Senior Threat Intelligence Analyst (Cybercrime)

With 1,000 intelligence professionals, over $300M in sales, and serving over 1,800 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

ACE Team, Insikt Group, Recorded Future

This role: Recorded Future’s Insikt Group seeks a senior-level cybercrime-focused Threat Intelligence Analyst with 5+ years of experience to focus on criminal investigations and operations. Among other activities, you’ll monitor cybercrime trends, activities, and methodologies across multiple criminal source types, including open-source reporting, criminal source types (forums, marketplace, shops, among others), and chat and other direct communication platforms. You will be engaged in both proactive research and in responding to requests from clients related to cybercriminality.

What you’ll do:

• Lead a small team of cybersecurity professionals, including day-to-day delegations, client-facing and public reporting fulfillment, and ensuring quarterly OKRs are achieved.
• Collaborate with senior leadership to develop team strategies, develop analysts, and fulfill needs and resources. 
• Create and devise new sourcing, collecting, and curating new data into the Recorded Future Platform.
• Write reports ranging from brief descriptions of threats and threat actors to detailed finished intelligence reports for clients and the general public.
• Able to engage with threat actors on a long-term basis to obtain additional information beyond what has been posted publicly on forums and similar platforms
• Propose and oversee proactive reporting topics on cybercriminal-related TTPs and trends for internal and public consumption.
• Work collaboratively across internal teams to help enhance Recorded Future’s collection, sourcing, research, and reporting capabilities by mentoring more junior analysts.
• Represent Recorded Future professionally at conferences and events including, but not limited to, webinars, speaking engagements, client presentations, scoping calls, and internal and external media engagements.

What you’ll bring (required):

• 5+ years of professional experience in roles in cyber intelligence, cyber and fraud investigations, or casework in other related disciplines.
• Leadership experience in leading and developing small teams to achieve team goals.
• Familiarity with collaborating with senior leadership on developing out strategy and building upon team goals.
• Knowledge and experience with analytic tradecraft, the intelligence cycle, open-source intelligence-gathering techniques, and strong intelligence writing skills, techniques, and methodologies
• Familiarity with legal and regulatory requirements for acquisition of digital information and the standards for collecting digital evidence under US Federal laws
• Experience conducting investigations and tracking campaigns on threat groups operating on criminal and clearnet sources, focusing on topics such as leaked databases and credentials, ransomware, DDoS operations, criminal marketplaces, and other current and emerging threats.
• Knowledge and understanding of malicious tools and software used for cybercriminal activity and the ability to track and trace threat groups using a wide range of telemetry.
• Knowledge of money laundering, fraud, and current cyber-enabled crime TTPs.
• Knowledge and understanding of most computer operating systems, networking concepts, and security fundamentals.
• Understanding of blockchain and cryptocurrency technologies, including trades, transfers, tracking, maintenance, documentation, and preservation.
• Apply operational security (OPSEC) best practices to maintain the anonymity of yourself and Recorded Future while operating on criminal sources.
• Ability to work well as part of a team working towards a unified goal.
• Strong time management skills that align with prioritizing day-to-day expectations with proactive research.  

Additional skills/experience (preferred but not required):

• Foreign language proficiency: strong preference for Russian, Chinese, Farsi, Arabic, or Southeast Asian languages.
• BA/BS or MA/MS degree or equivalent experience in Computer Science, Computer Engineering, Computer Programming, Digital Forensics, or a related discipline.
• Government, security, or law enforcement experience.
• Knowledge of Hacktivist trends and activities.
• Knowledge or understanding of the links and relationships between cybercriminal, hacktivist, extremist, and state-sponsored operations and organizations.
• Knowledge of money laundering TTPs, and has transacted in cryptocurrencies.
• Familiarity with malware analysis, campaign infrastructure, and interpreting larger datasets.

Why should you join Recorded Future?
Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.8-star user rating from Gartner and more than 45 of the Fortune 100 companies as clients.

Want more info? 
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles.  By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.

If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at careers@recordedfuture.com 

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.

Notice to Agency and Search Firm Representatives:
Recorded Future will not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to Recorded Future, including those sent to our employees or through our website, will become the property of Recorded Future. Recorded Future will not be liable for any fees related to unsolicited resumes.

Agencies must have a valid written agreement in place with Recorded Future's recruitment team and must receive written authorization before submitting resumes. Submissions made without such agreements and authorization will not be accepted and no fees will be paid.