Proud to serve our 62+ million members, help travelers see the world and drive real change to improve road safety.
Cyber Threat Intelligence Analyst
Location
Alabama + 20 moreAll locations: Alabama | Arizona | California | Colorado | Connecticut | District Of Columbia | Florida | Idaho | Illinois | Iowa | Kansas | Kentucky | Louisiana | Maine | Montana | Maryland | Massachusetts | Michigan | Minnesota | Mississippi | Missouri
Posted
10 days ago
Salary
$122.9K - $164K / year
Seniority
Senior
Job Description
Cyber Threat Intelligence Analyst
AAA
• operationalizing the Threat Intelligence Platform (TIP) • tracking priority threats • delivering actionable, detection‑driven intelligence to security teams and leadership • identifying, analyzing, and tracking cyber threats that may impact the organization • collecting intelligence from a wide range of internal and external sources • analyzing and contextualizing threat intelligence • supporting security operations through actionable insights • monitoring and analyzing intelligence from commercial, industry, and OSINT sources • maintaining and using Threat Intelligence Platforms (TIP) • integrating intelligence across security tools • collecting, enriching, and managing actionable IOCs • providing real‑time intelligence context during investigations and incidents • responding to ad hoc and time‑sensitive intelligence requests from stakeholders • producing and delivering intelligence reports and briefings for technical and non‑technical audiences
Job Requirements
- 6+ years of experience in Cyber Threat Intelligence, SOC, Incident Response, Threat Hunting, or related cybersecurity roles
- Bachelor’s degree in computer science, Information Technology, or a related field, or an equivalent combination of education and experience
- Deep experience operating and optimizing industry leading Threat Intelligence Platforms (TIPs)
- Proven experience leveraging commercial threat intelligence providers such as Flashpoint, Recorded Future, Intel 471, ZeroFox, or comparable services to support operational intelligence requirements
- Strong mastery of the intelligence lifecycle, with demonstrated ability to operationalize intelligence from collection through dissemination and action
- Advanced working knowledge of the MITRE ATT&CK framework, with experience applying it to threat analysis, detection engineering, and reporting
- Demonstrated experience managing and enriching IOCs, with a focus on translating intelligence into measurable detection, blocking, and mitigation outcomes
- Solid understanding of SIEM, SOAR, EDR, and case management platforms, and how intelligence integrates into and enhances investigative workflows
- Experience analyzing vulnerability and exploit intelligence to assess real‑world risk, likelihood of exploitation, and potential business impact
Benefits
- annual bonus eligibility for most roles
- 401(k) with a company match
- Flexible Workplace
- Professional development opportunities
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Junior SOC Analyst
Deutsche TelekomHeadquartered in Bellevue, Washington, T-Mobile is an international cell phone carrier that is part of Deutsche Telekom, one of the largest telecommunications companies in the worl
Role Description - Monitoreo de alertas en herramientas como CrowdStrike, Microsoft Defender, Cortex XDR, Splunk, SocRadar y ServiceNOW. - Análisis inicial de eventos e incidentes de ciberseguridad. - Escalación inicial de incidentes siguiendo playbooks. - Documentación básica de incidentes de seguridad. - Atención y seguimiento de tickets. - Reporte oportuno de anomalías/comportamiento sospechoso detectado. Qualifications - Conocimientos básicos de redes, sistemas operativos (Windows/Linux/macOS) y conceptos de ciberseguridad. - Capacidad de análisis contextual de información. - Manejo de herramientas de análisis OSINT (VirusTotal, AbuseIPDB, HybridAnalysis, etc). - Capacidad de seguir procedimientos estandarizados. - Comunicación clara y efectiva. - Orientación al detalle y disciplina en la documentación. - Inglés Intermedio (necesario, se realiza entrevista en inglés). - 0 a 2 años en áreas de soporte técnico, helpdesk o seguridad informática. - Experiencia básica en monitoreo de sistemas o uso de consolas de seguridad. - Deseable prácticas profesionales en un SOC, Datacenter o área de TI. Requirements - Certificaciones deseables: - CompTIA CySA+ - Microsoft SC-200 - Splunk Core Certified User - CrowdStrike Certified Falcon Responder - CrowdStrike Certified Falcon Administrator - Palo Alto Networks Security Operations Professional - Fortinet NSE1/NSE2 Benefits - T-Systems se enorgullece de ser un empleador que ofrece igualdad de oportunidades y acción afirmativa. - No discriminamos por motivos de raza, religión, color, origen nacional, sexo (incluido el embarazo, el parto o condiciones médicas relacionadas), orientación sexual, género, identidad de género, expresión de género, condición de transgénero, estereotipos sexuales, edad, condición de persona con discapacidad, u otras características legalmente protegidas aplicables. - En cualquier proceso de evaluación o contratación dentro de T-Systems México no se requieren pruebas de VIH ni de embarazo. - T-Systems cuenta con un sistema de gestión antisoborno y es compromiso de todos los colaboradores conocerlo y cumplirlo. - Brindamos a nuestros empleados oportunidades únicas para un mayor desarrollo, ya sea en carreras técnicas o gerenciales.
Junior Application Security Analyst
TD SYNNEXAt TD SYNNEX, our values guide everything we do: Together, We Own It, We Dare to Go, We Grow and Win, and above all, We Do the Right Thing. These principles shape how we work with each other, our partners, and our communities as we drive innovation and create lasting impact. TD SYNNEX is proud to be an equal opportunity employer. We welcome applicants from all backgrounds and experiences and are committed to creating an inclusive environment where everyone can thrive.
• Support TD SYNNEX’s global application security and cybersecurity technologies. • Execute key security processes, including application security testing, vulnerability management, and threat analysis. • Review security findings and help identify coding vulnerabilities, misconfigurations, and areas of risk. • Support vulnerability prioritisation, remediation tracking, and communication with technical teams. • Assist with security health checks, compliance reviews, and KPI reporting. • Help improve secure coding practices, process documentation, and security procedures. • Support process automation and orchestration to improve operational efficiency. • Contribute to investigations related to potential application security incidents.
Junior Cyber Security Analyst
True Zero TechnologiesTrue Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. Recognized as one of the Best Places to Work in 2023 in two categories Earned spots on the Inc. 5000 list of fastest-growing companies in America in 2022, 2023, and 2025 Community of like-minded, driven, and passionate individuals
Role Description The Junior Cyber Security Assurance Analyst will be responsible for providing support for system security assessments of a cloud-based, NIST-regulated systems. Works with technical and functional teams to define, document, and deliver security documentation and artifacts that demonstrate compliance with required security controls. Supports the remediation and tracking of identified deficiencies and works with the Security team to support continuous diagnostic and monitoring programs as needed. Supports the security work stream within the system release/change management process. Reviews planned system changes, helps identify and document security impacts, helps coordinate security scanning, testing, reporting as well as production readiness and post implementation support activities. Successful candidates will work closely with U.S. Federal Government clients, including Information System Security Officers (ISSO), System Owner, Cyber security team, and other groups as needed on release related activities. Updates established work plans for Security release activities. Qualifications - Implement, administer, and use cybersecurity tools, systems and applications; develop policies, standards, and guidelines to ensure secure enterprise-wise operations, performance and resiliency. - Deploy and secure security systems, application layer and traditional firewalls, vulnerability management and forensics utilities, and other infrastructure deployed and maintained by the Information Security Office. - Develop plans to safeguard information against unauthorized access modification, and destruction, and ensure organizational continuity of operations. - Monitor, research, and respond to cyber related events and incidents such as malicious code detection, intrusion, detection, system configuration, and patch management issues. - Conduct risk assessments, audits, and validate that system functionality, and security controls are implemented appropriately according to policy and industry best practices. - Conduct cybersecurity training and outreach organization-wide. Requirements - BA or BS degree, or at least 4 years of experience in related field - Minimum 1+ years supporting OR conducting federal system security assessments - Minimum 1+ years developing formal security documentation - Minimum 1+ years assessing and remediating security findings - Minimum 1+ years exposure to the SDLC - Minimum 1+ years experience with Release Management or Change Management - Thorough knowledge of NIST SP 800-series security guidelines - Active clearance, or ability and willingness to submit for a clearance may be required - Approved to work in the United States - Excellent written and oral communication skills - Ability to work well in a team environment Benefits - Competitive salary, paid twice per month - Best in class medical coverage - 100% of medical premiums covered by True Zero - Company wide new business incentive programs - Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.) - 3 weeks of PTO starting + 11 Paid Holidays Annually - 401k Program with 100% company match on the first 4% - Monthly reimbursement of Cell Phone and Home Internet costs - Paternity/Maternity Leave - Investment in training and certifications to broaden and deepen your technical skills
Role Description The contractor shall support the Pharmacy Operations Division (POD) Informatics System Security Manager (ISSM) in cybersecurity matters by providing analytic and technical advice to support DoD Cybersecurity policies and activities. - Assist the ISSM with development, review, and management of cybersecurity documentation (e.g., System Authorization Plans, Categorization Memos, Plan of Action, and Milestones (POA&M), hardware and software lists, boundary diagrams). - Work with vendors to ensure compliance requirements are met with the focus of achieving Authorization to Operate (ATO) for all packages. - Ensure compliance with 8582.01 controls to maintain system security throughout the lifecycle. - Confirm the validity of hardware and software lists, architecture diagrams, and resolve findings through remediation/mitigation statements in the system POA&M. - Assess configuration changes to determine overall impact to the security posture of the system. - Analyze system administrator generated vulnerability scans from various tools (e.g., Automated Compliance Assessment Solution (ACAS), Host Based System Security (HBSS), Security Content Automation Protocol (SCAP) Nessus) and review Security Technical Implementation Guides (STIGS) and checklists to provide vulnerability assessments at the system level. - Utilize reporting tools (e.g., Enterprise Mission Assurance Support Services (eMass) and Continuous Monitoring and Risk Scoring (SMRS) for documentation and evidence of assessment results for each system. - Establish an enduring hardware lifecycle and software license management process to implement and maintain cybersecurity posture. - Develop a threat-based defense against adversaries and deploy a more effective, efficient, and realistic cybersecurity operations. Qualifications - Bachelor's Degree or 8 years' experience in Cybersecurity support. - CompTIA Security+. - DoD-approved Cybersecurity workforce certification Information Assurance Technical (IAT) Level III per DoD 8570.01-M (e.g., CISSP, CISA, CASP CE). Requirements - Eight or more years cybersecurity experience. - Experience assessing new security laws, policies, and standards in the federal government. - Possess technical knowledge of National Institute of Standards and Technology (NIST), Risk Management Framework (RMF), Federal Risk and Authorization Management Program (FedRAMP) with a solid understanding of cloud deployment, security policy requirements and assessments, and service models as defined by the NIST. - Understanding of IP networking, networking protocols and security-related technologies including encryption, IPsec, PKI, VPN, firewalls, proxy services, DNS, electronic mail and access-lists. - Possess depth knowledge of security hardening, assessment and reporting tools (e.g. HBSS, ACAS, SCAP, etc.) with the ability to assess and provide appropriate feedback for external audits and remediation plans. Preferred Knowledge/Experience - Possess excellent written and oral communication skills. - Proficient in Microsoft Office Suite Applications: Excel, Outlook, PowerPoint, Word, Visio. Physical Requirements - Remote work in a private and suitable location. - Private secure high efficiency home internet access. - Private secure high efficiency telecommunications. Other Responsibilities - Standard Monday through Friday day schedule, but may travel and/or work weekends and extended hours if needed with approval of program manager and government leads.



