Jobs · Information Technology

Cyber Threat Intelligence Analyst - Remote

TalentAlly · United States · 5 days ago
RemoteRemoteInformation TechnologyFull-time

About the role

We are seeking an experienced Cyber Threat Intelligence (CTI) Analyst to help mature the CSAA CTI program. This hands-on role focuses on operationalizing the Threat Intelligence Platform (TIP), tracking priority threats, and delivering actionable, detection-driven intelligence to security teams and leadership.

Responsibilities

  • Monitor and analyze intelligence from commercial, industry, and OSINT sources to track threat actors, campaigns, and vulnerabilities, and assess their relevance, impact, and risk to the organization
  • Maintain and use Threat Intelligence Platforms (TIP) and related tools to support intelligence operations, including ingestion, enrichment, tagging, and data quality
  • Integrate intelligence across security tools (SIEM, SOAR, case management) to support operations
  • Collect, enrich, and manage actionable IOCs to drive detection, blocking, and mitigation efforts across security operations
  • Provide real-time intelligence context during investigations and incidents (e.g., adversary behavior, infrastructure, objectives)
  • Analyze vulnerability intelligence, including KEV listings and active exploitation trends, to support risk-based vulnerability prioritization
  • Respond to ad hoc and timesensitive intelligence requests from stakeholders
  • Support threat hunting by developing indicators, behaviors, and hypotheses
  • Produce and deliver intelligence reports and briefings for technical and nontechnical audiences
  • Improve intelligence workflows, intake processes, RFIs, and documentation

Requirements

  • 6+ years of experience in Cyber Threat Intelligence, SOC, Incident Response, Threat Hunting, or related cybersecurity roles
  • Bachelor's degree in computer science, Information Technology, or a related field, or an equivalent combination of education and experience
  • Deep experience operating and optimizing industry leading Threat Intelligence Platforms (TIPs)
  • Proven experience leveraging commercial threat intelligence providers such as Flashpoint, Recorded Future, Intel 471, ZeroFox, or comparable services to support operational intelligence requirements
  • Strong mastery of the intelligence lifecycle, with demonstrated ability to operationalize intelligence from collection through dissemination and action
  • Advanced working knowledge of the MITRE ATT&CK framework, with experience applying it to threat analysis, detection engineering, and reporting
  • Demonstrated experience managing and enriching IOCs, with a focus on translating intelligence into measurable detection, blocking, and mitigation outcomes
  • Solid understanding of SIEM, SOAR, EDR, and case management platforms, and how intelligence integrates into and enhances investigative workflows
  • Experience analyzing vulnerability and exploit intelligence to assess real-world risk, likelihood of exploitation, and potential business impact
  • Strong written and verbal communication skills, with the ability to clearly articulate complex threat and risk concepts to both technical and nontechnical stakeholders

Qualifications

  • A team player who values collaboration and knowledge sharing
  • Ability to think critically and operate effectively in ambiguous or evolving situations
  • Strong communication skills
  • A strong passion for continuous learning, with curiosity to stay current on emerging threats, techniques, and evolving security trends
  • A self-starter who takes initiative, operates effectively with minimal direction, and proactively sees opportunities to improve security outcomes
  • Actively shapes our company culture (e.g., participating in employee resource groups, volunteering, etc.)
  • Lives into cultural norms (e.g., willing to have cameras when it matters: helping onboard new team members, building relationships, etc.)
  • Travels as needed for role, including divisional / team meetings and other in-person meetings
  • Fulfills business needs, which may include investing extra time, helping other teams, etc.

Benefits

At CSAA IG, we offer a total compensation package, annual bonus eligibility for most roles, 401(k) with a company match, and so much more! Read more about what we offer and what it is like to be a part of our dynamic team at [https://careers.csaainsurance.aaa.com/us/en/benefits](https://careers.csaainsurance.aaa.com/us/en/benefits).

Pay

Factors used to determine the actual salary offered may include location, experience, or education.

Schedule

Most employees hold Home-Flex roles, working primarily from home, often with the flexibility to work from various locations including CSAA offices.

Equal Opportunity Employer

CSAA Insurance Group is an equal opportunity employer.

Similar jobs

Cyber Threat Analyst

Parsons CorporationAnnapolis Junction, MD· 2 mo ago
Information Technology$134k–$241k/yrapply on parsons.wd5.myworkdayjobs.com