Recorded Future is hiring a
Remote Senior Emerging Threat Intelligence Analyst
\nWe are seeking a uniquely talented individual who combines the technical acumen of a Cyber Threat Hunter with the expressive skills of a Technical Writer to work as an Emerging Threat Intelligence Analyst. This individual will be a critical component of Recorded Futureโs Insikt Group, and will be a point person for cross-team collaboration both throughout Insikt Group as well as with Recorded Futureโs Attack Surface Intelligence Quick Reaction Team (QRT). This individual will aid in the identification, assessment, and communication of new and emergent threats in the cybersecurity landscape, specifically vulnerability intelligence and detection.\nResponsibilities\n\n\n* Vulnerability Analysis: You are tasked with the prompt identification, thorough analysis, and comprehensive assessment of emerging cybersecurity threats, specifically recently disclosed or exploited vulnerabilities. Your technical prowess will be crucial in ensuring our preparedness for potential risks and understanding the implications of prompt and thorough analysis of high-impact vulnerabilities. \n\n* Threat Analysis: You are tasked with the production and review of intelligence summaries accessible to all Recorded Future clients. These summaries will detail a variety of cyber threat events, including recent cyber attacks and adjustments in known threat groupsโ tactics, techniques, and procedures (TTPs).\n\n* Technical Authorship: Utilizing your skill in making complex concepts accessible, you will convert intricate technical insights into engaging and easily understandable blog posts, client disclosures, and Insikt Notes. Each publication should comprehensively address the nature of the threat, its potential impact, suggested mitigation strategies, and a succinct summary for quick referencing.\n\n* Detection Engineering: Design and develop Nuclei templates for vulnerability scanning, ensuring these templates are tailored to detect new and emerging vulnerabilities efficiently. Develop custom lab environments and proof-of-concept code based on specific vulnerability signatures and behaviors. Maintain an up-to-date repository of these templates, and continually refine them to improve detection accuracy and performance. This involves creating test cases, simulating attack scenarios, and verifying that the templates correctly identify vulnerabilities without producing false positives.\n\n* Research Collaboration: You will partner with teams within Insikt Group to augment our collective understanding of emergent threats and vulnerabilities. This collaborative exploration will subsequently inform and enhance our proactive protective measures.\n\n* Cross-team Collaboration: You will be responsible for working on projects across multiple research teams within Insikt Group and QRT with weekly content production and tight deadlines. \n\n* Detailed Documentation: Your role involves meticulous record-keeping, noting intricate details of identified vulnerabilities, methodologies of discovery, and potential implications. This comprehensive record aids in understanding the nature of threats and planning appropriate responses.\n\n* Continual Professional Development: Stay abreast of the latest advancements in cybersecurity trends, threat tactics, and research methodologies, ensuring our collective knowledge remains current and comprehensive.\n\n\n\nQualifications\n\n\n* A degree in Cybersecurity, Computer Science, Information Technology, or a related discipline.\n\n* A minimum of 3 years of substantial experience in cybersecurity, with a focus on threat detection, penetration testing, or vulnerability assessment.\n\n* A solid grasp of fundamental cybersecurity principles, attack trajectories, and techniques for vulnerability analysis.\n\n* Demonstrable experience researching and analyzing new cyber threats across either a) multiple industries or b) multiple timeframes (e.g., both weekly and quarterly)\n\n* Demonstrable experience deploying known vulnerable infrastructure within a lab environment for analysis.\n\n* Demonstrable experience creating and authoring Nuclei templates for vulnerability identification and validation.\n\n* Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, D3FEND, the Diamond Model, and the Cyber Kill Chain\n\n* Practical experience with network and web application penetration testing tools such as, Burp Suite, NMap, Fiddler, and Wireshark\n\n* Familiarity with and use of common cyber threat intelligence tools such as DomainTools, VirusTotal, SHODAN, etc.\n\n* Demonstrable experience in technical writing, showcasing an ability to translate complex technical concepts into engaging, reader-friendly content.\n\n* Demonstrably strong writing ability, to be assessed via a writing sample\n\n* A meticulous attention to detail, underscoring a commitment to accuracy and thoroughness in all aspects of work.\n\n* Capable of functioning effectively within a team as well as independently.\n\n\n\nPreferred but not required:\n\n\n* Relevant industry certifications such as OSCP, OSWA, GWAPT, Pentest+, or equivalent.\n\n* Familiarity with scripting and programming languages such as YAML, Python, Golang, Javascript, C, etc. \n\n* Prior experience within a quick reaction or incident response team environment.\n\n* Practical experience with malware detections, including YARA, Sigma, and Snort\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Writer and Senior jobs that are similar:\n\n
$57,500 — $95,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐
We hire old (and young)\n\n
\n\n#Location\nSomerville, Massachusetts, United States