Threat Intelligence Analyst
- Evaluate, analyze, and derive actionable threat intelligence from a variety of open-source, commercial, and private sources to deliver quality deliverables to both technical and executive audiences.
- Assess, curate, and manage multiple threat intelligence feeds to enable the correlation of security events.
- Participation in the research and development of next-generation analytics to identify attack patterns that evade traditional countermeasures.
- Advocacy of intelligence-sharing principals to develop the capability, reputation, and footprint of Relativity.
- Provide subject-matter expertise during high-profile and targeted attacks under investigation by the Cyber organization.
- Familiarity with scripting or programming languages (Python, Powershell, Perl, etc), as they apply to information security.
- Interest to learn additional skills as required, including cross-functional tools and foreign languages.
- Exposure to intel-driven threat hunting principals to identify novel attack presentations and concepts.
- Knowledge of adversarial tools, techniques, and procedures within the context of the ATT&CK framework or equivalent.
- Strong familiarity with TCP/IP, cryptography, attacker methodologies, malicious code, exploit development, and mitigating controls.
- Proficiency with intelligence and analysis tools, including Splunk, Maltego, VirusTotal Intelligence, Threat Intelligence Platforms, and OSINT aggregators.
- One or more of the following certifications: GCTI, OSCP, GCIA, GREM, GNFA, CISSP or similar.
- Ability to leverage insight from internal telemetry and an emerging threat landscape describe and anticipate actions by cybercriminal, hacktivist, and cyberespionage actors.
- Comprehensive understanding of adversary technologies, capabilities, targeting profiles, and motivations to assess and attribute observed malicious activity.
- Familiarity with the application of the cyber kill chain and diamond model to conceptualize advanced cyber attacks.
- Capacity to provide both high-level and technical briefings on emerging threats and vulnerabilities, collaborating with extended Cyber teams to assess risk.
- Proficiency in the identification and validation of data exposure events sourced from industry-standard tools and the intelligence community.
- Ability to work collaboratively and independently to deliver projects based on high-level requirements and success criteria.
Our software has more than 150,000 active users in more than 40 countries from organizations including the U.S. Department of Justice, more than 70 Fortune 100 companies, and more than 195 of the Am Law 200. We have grown significantly over the last several years and continue striving to build software that helps solve our customers’ toughest e-discovery and unstructured data challenges. If you’re ready to grow with us, we’d love to hear from you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.