Cybersecurity Threat Analyst Leader

As a Threat Intelligence Lead, you will own our threat intelligence strategy and execution. This includes understanding which cyber threat actors are targeting us, and using intelligence on tactics, techniques, and procedures (TTP) to improve our products and internal cybersecurity controls.

We collaborate with internal stakeholders as well as the wider cybersecurity community to ensure we're recognized as a thought leader on open source threat intelligence. This role reports directly to the Chief Information Security Officer (CISO).

You will lead intelligence gathering and development activities on threat actors targeting software supply chains. You'll study attack trends across the wider open source software landscape, report findings to internal security teams, and advise the engineering community on the best course of action to detect and mitigate possible threats.

This team's mission is to help us, and by extension countless community members and companies around the world, secure their software infrastructure.

• Build and own our threat intelligence strategy
• Maintain OSINT research environments
• Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of proprietary and open source datasets
• Collaborate across teams to inform on activity of interest
• Coordinate adversary/campaign tracking
• Contribute to the wider threat intelligence community, establishing us as a key contributor and thought leader in the space
• Work with product and engineering teams to explain cybersecurity threats and advise on mitigation strategies
• Work with the OPSEC and IS team to help implement/update security controls prioritizing cyber defence
• Identify intelligence gaps and propose new tools and research projects to fill them
• Conduct briefings for executives, internal stakeholders, and external customers

• Experienced threat intelligence leader (or similar)
• Knowledgeable about the current open source threat landscape and computer networking/infrastructure concepts
• Highly competent with OSINT tools (e.g., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, social media scraping tools, etc.)
• Able to identify, organize, catalogue, and track adversary tradecraft trends – often with incomplete data
• Experienced using threat intelligence data to influence enterprise architecture or product development decisions
• Excellent communicator with the ability to clearly articulate and tailor technical content to a variety of audiences
• Able to travel twice a year, for company events up to two weeks long

• Professional portfolio of OSINT-related scripts, tools, or frameworks
• Demonstrated involvement in the larger OSINT community
• Degree qualified, with a bachelor's degree in computer science, information security, or a related field
• Certifications in related areas (e.g., GOSI, SANS SEC487 & SEC587, Intel Techniques OSIP, etc.)
• Experience in a tech company or government/military signal intelligence departments

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognize outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits that reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

Our distributed work environment includes twice-yearly team sprints in person. We offer personal learning and development budget of USD 2,000 per year. Annual compensation review recognition rewards. Annual holiday leave. Maternity and paternity leave. Employee Assistance Programme. Opportunity to travel to new locations to meet colleagues. Priority Pass, and travel upgrades for long haul company events.

We're an equal opportunity employer proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.