Cyber Threat Intelligence Analyst

  • Intel
  • Hillsboro, OR, USA
  • May 03, 2019
Full-time: Computer Science, Cryptography, Cybersecurity, Data Security, Information Security, Information Systems (IS), Javascript, Network Security, Python, Ruby

Job Description

Intel's Information Security team is hiring Information Security professionals in all domains of Cyber Security across our locations in the United States, Israel, India and Costa Rica.

Candidates with 5 - 20 years of experience in Cyber Security and with diverse experience in one or several of the key Cyber Security domains are encouraged to apply. Security Management, Governance, Risk, Compliance, Privacy, Vulnerability Management, Data Protection, DLP, Identity and Access Management, Network Security, Application Security, Cryptography, Endpoint security, Security engineering, Security architecture and design, Threat management, Threat intelligence, Security operations, Forensics, Investigations, Audit, Security Operations Center (SOC) and other major areas of Cyber Security are some of the skillsets we are looking for.

If you think you are a passionate security professional and ready to pursue an exciting and satisfying career with Intel, please apply in this requisition.


This position is for Intel's enterprise Information Security team. The Cyber Threat Intelligence Analyst manages threat priorities, detection coverage, and the threat actor portfolio. This role will partner with incident response, red team, and vulnerability and risk management.

Your responsibilities will include but not be limited to:

Track threat actors, campaigns, leading and tailing vulnerabilities and exploits, and associated tactics, techniques, and procedures (TTP).

Convert TTPs into internal SNORT, YARA, and SIEM rules to produce actionable alerts.

Produce clear, concise, and precise oral briefings, technical alerts, and actor profiles in accordance with accepted analytic tradecraft and methodologies.

Reverse engineer malware (static or dynamic) to support incident response and proactively convert malware artifacts into retro-hunts in malware repositories.

Ability to integrate timely, actionable, and relevant TTPs into Red Team operations to emulate actors, model campaigns, and increase detection in assumed areas of risk.

Ability to collect/analyze long-term actor trends to coordinate with peer information and product security, legal, and corporate security teams to reduce business impact.

Coordinate intelligence internally with information security teams and externally with trusted information sharing groups and select industry partnerships.


The ideal candidate should exhibit the following behavioral traits:

  • Problem-solving skills
  • Ability to multitask
  • Strong written and verbal communication skills
  • Ability to work in a dynamic and team-oriented environment

You must possess the below minimum qualifications to be initially considered for this position. Preferred qualifications are in addition to the minimum requirements and are considered a plus factor in identifying top candidates.

Minimum Qualifications:

  • Bachelor's degree or higher in Computer Science, Math, Statistics, Information Systems, Economics, International relations or any other related area.
  • Certifications such as CISSP, GIAC, GCIH, GCFA, GREM, OSCP'E, CREST Certified Threat Intelligence Analyst, or FOR578 from certification bodies like ISC2, ISACA, SANS, or comparable intelligence community training are required.
  • 5+ years of experience working as a cyber intelligence analyst, incident responder, Red team operator, reverse engineer, or technical cyber policy analyst.
  • This U.S. position is open to U.S. Workers Only. A U.S. Worker is someone who is either a U.S. Citizen, U.S. National, U.S. Lawful Permanent Resident, or a person granted Refugee or Asylum status by the U.S. Government. Intel will not sponsor a foreign national for this position.

Preferred Qualifications:

  • A passion for systems thinking and data analysis, with strong analytical skills.
  • Integrate IOCs, detection rules, and correlation rules in accordance with CND-based models (Kill Chain, Pyramid of Pain, ATT&CK, etc.) with security operations tools.
  • Experience in Agile/Kanban enterprise-scale software development.
  • Industry or sector leadership in designing and improving the field of cyber intelligence.
  • Change agent with ability to drive accountability and cross-team outcomes across a matrixed global team environment across time zones and international geographies.

Knowledge, Skills, Abilities:

  • Scripting languages: Python, Ruby, JavaScript.
  • Network security tools: DNS monitoring tools, NIPS/NIDS rules, Next generation firewalls.
  • Malware reversing: Dynamic and static malware analysis, reverse engineering tools.
  • Email security tools: Proxy tools, anti-phishing software, and e-mail content scanning.
  • Host based security: HIPS/HIDS correlation rules, endpoint detection and response tools.
  • Analytic tradecraft: structured analytic techniques and/or Intelligence community standards.
  • Intelligence enrichment tools: PassiveDNS, Domain Registration, VirusTotal, OSINT collection.
  • Candidates should be willing to relocate to Folsom, California or Portland, Oregon area.

Inside this Business Group

Intel's Information Technology Group (IT) designs, deploys and supports the information technology architecture and hardware/software applications for Intel. This includes the LAN, WAN, telephony, data centers, client PCs, backup and restore, and enterprise applications. IT is also responsible for e-Commerce development, data hosting and delivery of Web content and services.

Other Locations

US, Arizona, Phoenix; US, California, San Jose

Posting Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, religious creed, sex, national origin, ancestry, age, physical or mental disability, medical condition, genetic information, military and veteran status, marital status, pregnancy, gender, gender expression, gender identity, sexual orientation, or any other characteristic protected by local law, regulation, or ordinance.