Sentinel

The Sentinel is a news organization serving the Cumberland County area of Central Pennsylvania, and it is based in Carlisle, Pennsylvania. With a print edition, website, and profil

Threat Investigation Analyst

Location

United States

Posted

60 days ago

Salary

$60K - $70K / year

Seniority

Mid Level

Job Description

Threat Investigation Analyst

Sentinel

Responsibilities

The Threat Investigation Analyst is a key member of the Threat Operations Team and serves as a first responder to cybersecurity incidents. This role is responsible for triaging, investigating, and responding to security alerts to protect customer environments. Analysts evaluate real-world logs, network traffic, and security artifacts to determine malicious versus benign activity and communicate findings clearly to both technical and non-technical stakeholders.

Schedule: Thursday, Friday, Saturday, Sunday | 4x10 (3:00 PM CST - 1:30 AM CST). Training will be Monday through Friday 8:30 AM CST - 5:00 PM CST, until we feel you are ready to be assigned to your dedicated shift. This position can be remote, with occasional onsite support required at our Downers Grove, IL headquarters.

Qualifications

- 1+ years of experience in a Security Operations role (SOC, Incident Response, Threat Intel, Malware Analysis, IDS/IPS, etc.) preferred
- Required minimum certifications: CompTIA Security+
- Experience with SIEM platforms and security investigations
- Experience performing daily system monitoring and health checks for various security products
- Confident triaging alerts and reports of incidents
- Familiarity with network, endpoint, and host-based security telemetry
- Understanding of common and emerging attack techniques
- Understanding of basic network protocols and traffic flow in an enterprise environment
- Strong attention to detail and documentation accuracy
- The ability to communicate clearly, both verbally and in writing
- The candidate must have a car, as this position requires travel between locations and the transportation of equipment
- A valid driver’s license and proof of vehicle insurance will be required
- Legally authorized to work in the US without sponsorship
- Must demonstrate a “can-do” attitude

We focus on candidates that display our “ACE” factor – Attitude, Compassion, and Enthusiasm to deliver quality solutions with exceptional customer service.

Compensation: $60,000-$70,000

What you get: We offer an energetic work environment with many corporate culture amenities, competitive salary, and rich benefit plan including: Medical, Dental, Vision, 401K, 529, Life Insurance, Income Protection Short and Long-Term Disability, Medical and Child/Elder Care, Flexible Spending Account Plans, Family Planning Benefits, Financial Education, Identity Theft Protection and Assistance, Legal Services, Employee Assistance Program, Two weeks’ vacation, additional paid time-off for Personal and Sick, certification and hands-on training, and employee discount for product services and entertainment.

Overview

MOTIVATED…..make IT happen! Sentinel Technologies, Inc. has been rated a top workplace every year since 2012!

About Us: Sentinel delivers solutions that can efficiently address a range of IT needs – from security, to communications, to systems & networks, to software applications, to cloud and managed services; all of which include our staffing solutions for our clients. Since 1982, Sentinel has grown from providing technology maintenance services to our current standing as one of the leading IT services and solutions providers in the US. We have aligned with many of today’s global technology leaders including Cisco, Dell, VMware and Microsoft. Sentinel services customers both nationally and internationally with primary support operating centers in Downers Grove (HQ), Chicago, and Springfield, IL; Phoenix, AZ; Lansing and Grand Rapids, MI; Milwaukee, WI; and Denver, CO. If you are MOTIVATED… you can make IT happen at Sentinel. Our commitment to our employees is to create a work environment that encourages creativity and an entrepreneurial spirit, fosters growth through certification and hands-on training, and values a team-oriented culture with rewards based on impact! If you share our passion about what technology can do and want to be part of a top workplace environment – we’d like to have you join our team.

Learn more at www.sentinel.com/careers. As part of Sentinel's employment process, candidates will be required to complete a background check. Only those who meet the minimum requirements will be contacted. No phone calls please.

Sentinel is proud to be an equal opportunity employer including disability and veterans. In accordance with Title VII and state regulations, all qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, marital status, pregnancy, genetics, disability, military, veteran status or any other basis protected by law. If you are an individual with a disability and need assistance in applying for a position, please contact SentinelHR1@sentinel.com. The “Know Your Rights” Poster is available here: https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf. The Sentinel EEO Policy Statement is available here: https://www.sentinel.com/about/diversity

Related Job Pages

More Threat Intelligence Specialist Jobs


Staff Threat Intel Analyst

GitHub, Inc.

GitHub is the world’s leading AI-powered developer platform with 150 million developers and counting. We’re also home to the biggest open-source community on earth (and 99% of the world’s software has open-source code in its DNA). Many of the apps and programs you use every day are built on GitHub. Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond!). At GitHub, our goal is to create the space you need to do your best work. We’re remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms. Join us, and let’s change the world, together.

Full Time | Remote | Team 501-1,000

About GitHub

GitHub is the world’s leading platform for agentic software development — powered by Copilot to build, scale, and deliver secure software. Over 180 million developers, including more than 90% of the Fortune 100 companies, use GitHub to collaborate, and more than 77,000 organisations have adopted GitHub Copilot.

Locations

In this role you can work from Remote, United States.

Overview

Staff Threat Intelligence Analyst – Threat Intelligence Team

GitHub is changing the way the world builds secure software and we want you to help change the way we secure GitHub. GitHub’s Threat Intelligence team investigates sophisticated threat activity targeting GitHub and our users. We're looking for an experienced threat intelligence analyst to help protect GitHub from advanced cyber threats. In this role you will use data from a variety of open, closed, and internal sources to gain insight into adversary activity and drive intelligence-informed security countermeasures across GitHub. This role will focus on researching and operationalizing high-quality threat intelligence, and building new threat actor tracking and detection capabilities. You'll also provide a vital, threat-informed perspective to many Security-wide and anti-abuse initiatives including threat hunting and detection workflows, Red Team operations, and engineering efforts. This is an opportunity to join a high impact, strongly collaborative team that helps drive secure outcomes for the Open Source Software community and beyond. If you have deep experience conducting technical threat intelligence investigations and are comfortable leading strategic projects to solve complex security problems, we want to hear from you!

Responsibilities

- Develop and maintain subject matter expertise in a portfolio of threats to GitHub, our customers, employees, infrastructure and the wider OSS community
- Conduct technical investigations into complex threat actor activity targeting GitHub and its users
- Identify and disrupt platform abuse by advanced threat actors
- Lead cross-org strategic projects to better understand and track threats to GitHub and our customers
- Design, develop, and maintain tools and queries to assist in investigations
- Provide relevant and concise analysis for stakeholders, including teams within Security, Engineering, and executive leadership
- Coordinate disruption efforts against sophisticated misuse of the GitHub platform by advanced threat actors

Qualifications

- 10+ years experience in security analysis, security research, cyber security, security engineering, or relevant area
- OR Associate's Degree AND 9+ years experience in security analysis, security research, cyber security, security engineering, or relevant area
- OR Bachelor's Degree AND 8+ years experience in security analysis, security research, cyber security, security engineering, or relevant area
- OR Master's Degree AND 6+ years experience in security analysis, security research, cyber security, security engineering, or relevant area
- OR Doctorate AND 4+ years experience in security analysis, security research, cyber security, security engineering, or relevant area
- OR equivalent experience
- 5+ years of technical threat intelligence analysis and investigations experience with a focus on tracking and disrupting advanced persistent adversaries.
- 2+ years of experience building tools and automations in collaborative codebases using Python and/or other programming languages.
- 3+ years conducting threat investigations in high-traffic environments (e.g., large web platforms); demonstrated knowledge of attacker infrastructure, attack vector, and tooling trends, plus strong evidence capture and documentation practices.

Preferred Qualifications:

- Knowledge of Linux and MacOS systems, git, and GitHub.
- Proficiency with Azure, KQL, Terraform, and Airflow.
- Experience leveraging AI workflows, where appropriate, to drive improved security outcomes.
- An existing network of threat intelligence contacts and a high degree of comfort managing information sharing relationships.
- Proven track record of collaborating with Security Operations and Engineering teams for host and network based investigation and detections.

Compensation Range

The base salary range for this job is USD $140,400.00 - USD $372,300.00 /Yr. These pay ranges are intended to cover roles based across the United States. An individual's base pay depends on various factors including geographical location and review of experience, knowledge, skills, abilities of the applicant. At GitHub certain roles are eligible for benefits and additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role.

GitHub values

- Customer-obsessed
- Ship to learn
- Growth mindset
- Own the outcome
- Better together
- Diverse and inclusive

Manager fundamentals

- Model
- Coach
- Care

Leadership principles

- Create clarity
- Generate energy
- Deliver success

EEO Statement

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

United States
$140.4K - $372.3K / year

Cyber Threat Intelligence Lead

Solventum

Enabling better, smarter, safer healthcare to improve lives.

Full Time | Remote | Team 10,001+ | H1B No Sponsor

Thank you for your interest in joining Solventum. Solventum is a new healthcare company with a long legacy of solving big challenges that improve lives and help healthcare professionals perform at their best. At Solventum, people are at the heart of every innovation we pursue. Guided by empathy, insight, and clinical intelligence, we collaborate with the best minds in healthcare to address our customers’ toughest challenges. While we continue updating the Solventum Careers Page and applicant materials, some documents may still reflect legacy branding. Please note that all listed roles are Solventum positions, and our Privacy Policy: https://www.solventum.com/en-us/home/legal/website-privacy-statement/applicant-privacy/ applies to any personal information you submit. As it was with 3M, at Solventum all qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Job Description: Cyber Threat Intelligence Lead

3M Health Care is now Solventum

At Solventum, we enable better, smarter, safer healthcare to improve lives. As a new company with a long legacy of creating breakthrough solutions for our customers’ toughest challenges, we pioneer game-changing innovations at the intersection of health, material and data science that change patients' lives for the better while enabling healthcare professionals to perform at their best. Because people, and their wellbeing, are at the heart of every scientific advancement we pursue. We partner closely with the brightest minds in healthcare to ensure that every solution we create melds the latest technology with compassion and empathy. Because at Solventum, we never stop solving for you.

The Impact You’ll Make in this Role

As a Cyber Threat Intelligence Lead, you will have the opportunity to tap into your curiosity and collaborate with some of the most innovative and diverse people around the world. As a Cyber Threat Intelligence Lead, you will make an impact by:

- Leading, improving, and building our Threat Intelligence program through Threat Informed Defense principles
- Analyzing and understanding logs and artifacts from internal and external sources to identify threat actors and guide the improvement of Solventum defenses
- Actively participating during investigations, hunts, detection development, and Incident Response
- Collaborating effectively with other teams: interact, provide, and receive feedback from the response, detection, hunting, and engineering teams
- Authoring, publishing, and disseminating intelligence products to stakeholders including senior leadership

Your Skills and Expertise

To set you up for success in this role from day one, Solventum requires (at a minimum) the following qualifications:

- Bachelor’s Degree or higher AND seven (7) years of experience in incident response and/or threat hunting roles in a private, public, government or military environment OR
- High School Diploma/GED AND fourteen (14) years of experience in incident response and/or threat hunting roles in a private, public, government or military environment

In addition to the above requirements, the following are also required:

- Understanding of threat actors, malware, MITRE ATT&CK, and the intelligence lifecycle
- Experience implementing and using intelligence providers and platforms

Additional qualifications that could help you succeed even further in this role include:

- Technical, analytical, and investigative skills
- Previous experience building and standing up a Threat Intel program
- Working knowledge of current security trends and best practices
- Working knowledge of intelligence and analysis techniques
- Written and verbal communication skills
- Think, act, and execute with urgency with limited guidance

Work location: Remote - United States

Travel: May include up to 5% [domestic/international]

Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).

Supporting Your Well-being

Solventum offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, Solventum regularly benchmarks with other companies that are comparable in size and scope.

Applicable to US Applicants Only: The expected compensation range for this position is $163,200 - $224,400, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.solventum.com/en-us/home/our-company/careers/#Total-Rewards

Responsibilities of this position include ensuring that corporate policies, procedures and security standards are complied with while performing assigned duties.

Solventum is committed to maintaining the highest standards of integrity and professionalism in our recruitment process. Applicants must remain alert to fraudulent job postings and recruitment schemes that falsely claim to represent Solventum and seek to exploit job seekers. Please note that all email communications from Solventum regarding job opportunities with the company will be from an email with a domain of @solventum.com. Be wary of unsolicited emails or messages regarding Solventum job opportunities from emails with other email domains.

Please note, Solventum does not expect candidates in this position to perform work in the unincorporated areas of Los Angeles County.

Solventum is an equal opportunity employer. Solventum will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

Solventum Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at Solventum are conditioned on your acceptance and compliance with these terms. Please access the linked document by clicking here. Before submitting your application you will be asked to confirm your agreement with the terms.

United States
$163K - $224K / year
Job Closed

Senior All-Source Intelligence Analyst

Culmen International

Accomplishing Critical Missions in Challenging Environments Worldwide

Full Time | Remote | Team 201-500 | Since 2004 | H1B No Sponsor

• Collect, validate, analyze, and integrate information from multiple sources, including raw and incomplete data, to produce high-quality finished intelligence and analytical deliverables that enable private and public sector clients to make informed operational and strategic decisions.
• Perform detailed multi-source imagery data exploitation, geospatial integration and contextualization writing in support of Project Leads, following established Standard Operating Procedures (SOPs) and written Tactics, Techniques and Procedures (TTPs).
• Lead projects and develop collection and analysis strategies using all-source methodologies, with a focus on leveraging local indigenous sources, locally sourced imagery, secondary research, social media analysis, publicly available geospatial data, and commercial satellite imagery to answer client requirements.
• Develop, refine, and continuously improve research and analytical methodologies; evaluate emerging sources, tools, and collection approaches; and recommend new methods to enhance project quality, efficiency, and insight generation.
• Fuse and integrate disparate streams of information to produce finished written analytical products that clearly define the problem, outline methodology, assess key findings, identify gaps and assumptions, and provide well-reasoned judgments and recommendations.
• Adhere to the Culmen International Writing Style guide and aim to “write for release”, which entails evaluating the source and packaging the research in a way that protects proprietary methodologies.
• Perform requirements-based Secondary Research (desktop or online research) and be able to author original written reports on findings and document sources; must have an understanding of Operational Security while online, including the use of non-attributable search methods.
• Perform gap analysis on field and final analytical products to ensure deliverables address all collection objectives, satisfy client requirements, and meet quality standards; clearly articulate intelligence gaps, collection shortfalls, and recommendations for follow-on action.
• Geospatial analysis: ability to interpret maps and overhead/satellite imagery and compare them with ground-acquired event data (including hand-held imagery, social media imagery, and news coverage) to deduce geolocation and exploit information.
• Provide substantive research expertise and analytical support for directed efforts, including rapid-turn and high-priority Requests for Information (RFIs), while managing competing deadlines and evolving client requirements.
• Support data management, knowledge management, and filing protocols to ensure analytical integrity and efficient retrieval of project materials.
• Coordinate across project teams to support planning, workflow management, and internal communication on project status, deliverables, and deadlines.
• Assist in developing, maintaining, and training team-level written SOPs and TTPs.

United States
Job Closed

Senior Threat Hunter

CrowdStrike

CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks. The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team. We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?

Full Time | Remote | Team 5,001-10,000 | Since 2011 | H1B Sponsor

• Protect our customers' networks by identifying and understanding intrusions using Falcon Endpoint data and the broader CrowdStrike product suite.
• Analyze adversary activity and communicate those findings to customers as part of our fast-paced, time-sensitive mission to help stop breaches.
• Undertake research to improve our detection capabilities, understand our adversaries, build tools, or work with other CrowdStrike teams across a broad range of topics and projects.
• Participate in active and passive threat hunting and gain fast-paced experience in dealing with threat actors.

United States
$125K - $180K / year
Job Closed