Senior Cyber Threat Intelligence Analyst
Listed on 2026-02-16
IT/Tech
Cybersecurity, Data Security
Experience Level: 7–10 Years
Reports to: Director - Cyber Security Practice / Manager - Cyber Threat Intelligence
Salary: Negotiable - includes relocation bonus, visa sponsorship and medical cover.
The Senior Threat Intelligence Analyst will play a dual role as both a hands‑on intelligence practitioner and a Threat Intelligence Platform (TIP) specialist, responsible for deploying, configuring, operating, and optimizing TIP solutions within an enterprise‑scale intelligence ecosystem.
This role is ideal for analysts who have moved beyond pure reporting and now operate at the intersection of intelligence operations, tooling, and platform engineering. You will work closely with backend engineers, data engineers, and AI teams to ensure intelligence workflows are automated, scalable, and operationally relevant. While strategic intelligence skills remain important, this role places strong emphasis on TIP configuration, data modeling, ingestion pipelines, workflow customization, and analyst enablement.
Key Responsibilities
- Lead or support the deployment, configuration, and tuning of Threat Intelligence Platforms such as Anomali (ThreatStream / Enterprise), ThreatConnect, MISP / OpenCTI, Recorded Future, Intel 471, Group-IB (integration layer).
- Configure data models, entities, and relationships aligned with operational CTI workflows.
- Design and manage ingestion pipelines for internal telemetry, OSINT, commercial feeds, and custom sources.
- Implement STIX/TAXII-based integrations, API connectors, and enrichment workflows.
- Customize workflows, playbooks, tagging schemas, scoring logic, and lifecycle states within the TIP.
- Perform tactical, operational, and strategic threat analysis using data curated and processed via the TIP.
- Validate, enrich, and contextualize IOCs, TTPs, malware families, threat actors, and campaigns.
- Map intelligence to MITRE ATT&CK, kill chains, and organizational risk scenarios.
- Support incident response, SOC, detection engineering, and vulnerability management teams with actionable intelligence.
- Conduct adversary and campaign tracking, ensuring data quality and analytical integrity.
- Design and implement automation workflows within the TIP to reduce analyst toil.
- Work with SOAR platforms and scripting tools to enable intelligence‑driven response actions.
- Optimize scoring, deduplication, false‑positive reduction, and prioritization logic.
- Collaborate with engineers to expose TIP data via APIs and downstream systems (SIEM, EDR, ASM).
- Contribute to feedback loops for continuous improvement of intelligence quality and relevance.
- Define and enforce intelligence data standards, schemas, and naming conventions.
- Ensure data lineage, traceability, and confidence scoring across all intelligence objects.
- Monitor platform health, ingestion failures, data drift, and feed degradation.
- Support role‑based access controls, sharing policies, and compliance requirements.
- Assist in platform audits, migrations, or TIP-to-TIP transitions when required.
- Act as a bridge between analysts and engineers, translating intelligence requirements into technical configurations.
- Create standard operating procedures (SOPs), onboarding guides, and workflow documentation for TIP usage.
- Mentor junior analysts on platform usage, intelligence modeling, and analytical tradecraft.
- Participate in architecture reviews for new CTI modules, feeds, or AI‑driven enhancements.
- 7–10 years of experience in Cyber Threat Intelligence roles.
- Hands‑on experience deploying, configuring, and operating TIPs in production environments.
- Strong understanding of STIX 2.x, TAXII, IOC lifecycle management, and intelligence ontologies.
- Experience integrating TIPs with SIEM, SOAR, EDR, and vulnerability management tools.
- Proven ability to customize workflows, scoring models, enrichment logic, and automation.
- Strong familiarity with APIs, JSON, Python scripting, and data ingestion pipelines.
- Experience with log…