Threat Landscape Analyst

About Infinit-O: As a top Business Process Optimization solutions provider we partner with the world's fastest-growing companies in Financial Services, Healthcare, and Technology, offering data-driven solutions and providing strategic advantage.

Our company specializes in business process optimization for 18 years now, with a world-class Net Promoter Score of 71, delivering powerful technology and high-performance teams within our highly engaged and agile culture.

What is the role that we need? We are looking for someone who has a keen eye for detail and has a passion for web research.

As a Threat Landscape Analyst, you will be responsible for producing high quality finished intelligence reports that provide clients of Recorded Future with meaningful actionable insights on emerging cyber threats. To do so, you will be responsible for conducting research via open-source intelligence (OSINT) and internal tools such as the Recorded Future Intelligence Cloud to analyze and assess cyber threats, produce detailed findings, and contribute to a comprehensive view of the cyber threat landscape. Your research and analysis will directly support Recorded Future clients in understanding potential risks to their infrastructure and operations. The intelligence reports and write-ups you produce will be tailored for a tactical or executive audience.

Research and Intelligence Report Writing

• Conduct in-depth research on trending cyber threat events, using open-source intelligence (OSINT) and the Recorded Future Intelligence Cloud. Use the research to produce a finished intelligence report that meets the customers needs. Ensure that the findings provide meaningful and actionable insights for clients.
• Analyze client-specific data to determine potential threats to their infrastructure.
• Produce threat landscape intelligence reports on a daily, weekly, monthly, and quarterly reports. Intelligence reports are completed via a "first chair" (primary assignee) and "second chair" (secondary assignee) basis.

• Produce "industry stories" (typically two per week), which are comprehensive writeups that focus on the following:

• New and emerging cyber threat trends (novel malware, vulnerabilities, or threat actor tactics, techniques, and procedures (TTPs))

• Prominent cyber attacks or cyber-related events that are widely reported across news outlets or security blogs
• Correlate findings with threat intelligence frameworks such as MITRE ATT&CK and CVE standards.
• Develop logical assessments and outlooks on cyber threat incidents, identifying the "so what", "now what", and "then what" factors and potential impacts on clients.

• Stay on top of novel or emerging cyber threats, including malware, phishing, software vulnerabilities (CVEs), exploits, and attack methodologies.

• Ensure all reports and assessments adhere to Recorded Future's professional and high-level standards, which include intelligence writing, critical thinking, and analysis.

Collaboration, Process Improvement, and Best Practices

• Work closely with the Threat Intelligence (US, UK, AU) and Data Science (Philippines) teams to ensure client intelligence requirements are met effectively.
• Curate and validate threat entities referenced in intelligence reports.
• Actively participate in team discussions via regular meetings to improve internal workflows or brainstorm on new threat intelligence processes and research methodologies.
• Contribute to process improvements and best practices in cyber threat research and intelligence reporting.

Experience

• At least one (1) to two (2) years of professional experience in technical writing, due diligence, risk assessments, physical threat intelligence, fraud intelligence, or any role requiring substantial report writing.
• At least (1) to two (2) years of professional experience in the cyber security and cyber threat-related field.

Technical & Analytical Skills

• Basic understanding and knowledge of cyber threats (malware, phishing, trojans, botnets, etc.) and the broader cyber threat landscape.
• Basic understanding of defense strategies, risk reduction, and threat mitigation, with the ability to deliver detailed recommendations that help Recorded Future clients protect against emerging cyber threat trends
• Familiar with cyber threat analysis, intelligence research, and OSINT methodologies.
• Ability to accurately interpret raw data and translate it into technical writing.
• Familiarity with MITRE ATT&CK and CVEs.
• Can accurately map MITRE tactics, techniques, and procedures (TTPs) to the cyber kill chain.
• Ability to create logical assessments, recommendations, and outlook related to cyber events (i.e, identifying the "so what", "now what", and "then what" factors and potential impacts on clients)
• Excellent documentation skills; sufficient or advanced experience using Google Docs, Google Sheets, and Google Slides, which the team uses on a daily basis. The ability to produce charts and graphs that align with findings and analysis required for intelligence reports is a plus.

Communication & Writing Skills

• Strong English-language grammar (preferably American English).
• Strong reading comprehension skills.
• Strong English verbal communication skills.
• Strong time management and organizational skills in order to meet tight deadlines
• Ability to produce structured, concise, and insightful written analysis tailored to different audiences.
• A self-starting, proactive mindset committed to maintaining high standards in a fast-paced environment.
• Ability to work both independently and collaboratively.

Work Ethics

• Excellent attention to detail and accuracy.
• Curiosity-driven approach to research and problem-solving.
• Ability to work independently and collaborate in a fast-paced team environment.
• Strong time management and organizational skills to meet strict deadlines.
• Adaptive mindset with a willingness to embrace change and process improvements.

Information Security & Compliance

• Safeguard client-supplied and client-generated information from unauthorized access, disclosure, modification, destruction, or interference.
• Carry out assigned tasks in alignment with processes related to information security and overall operational procedures.

Technical Proficiency

• Experience using Recorded Future Intelligence Cloud or other related threat intelligence and research platforms.
• Intermediate to advanced-level expertise with conducting open-source research or using OSINT to produce meaningful information for a technical or executive audience.
• Experience with generative artificial intelligence (AI) tools to aid with research and cyber threat intelligence analysis, writing, workflow improvement, etc.
• Intermediate to advanced-level expertise with proposing actionable mitigations and/or defense measures to combat emerging threat trends and TTPs
• Familiarity with JIRA for task management.

Industry Knowledge

• Updated with recent cyber trends, cyberattacks, vulnerabilities, and emerging cyber threats.
• Intermediate to advanced level knowledge of the cyber threat landscape. These include (but not limited to): novel malware or threat actors, cyberattack TTPs, N-days and zero-days, red-teaming tools used for malicious activities, etc.
• Ability to propose actionable mitigations and defensive strategies based on research findings.

Education & Certifications

• Preferred but not required: A Bachelor of Science (BS) degree in Computer Science, Information Systems, Cyber Intelligence, or a related field.
• Relevant cybersecurity certifications (e.g., Security+, CySA+, GCTI, GCIA, CISSP) are a plus.