Agentic Intelligence for National Security
Intelligence Pipeline Analyst
Location
California + 1 moreAll locations: California | New York
Posted
3 days ago
Salary
$90K - $120K / year
Seniority
Lead
Job Description
Intelligence Pipeline Analyst
Zignal Labs
• Design, configure, maintain, and optimize operational intelligence collection pipelines supporting real-time monitoring and alerting workflows • Independently build, curate, tune, and manage structured datasets, collection logic, enrichment workflows, and operational intelligence pipelines • Develop and refine advanced collection strategies using Boolean logic, heuristics, metadata enrichment, tagging frameworks, geospatial filtering, and signal scoring methodologies • Drive continuous improvements in signal quality, workflow efficiency, operational relevance, and data reliability • Deploy, evaluate, monitor, and optimize AI/ML and computer vision models supporting operational intelligence workflows • Develop, test, and refine LLM-driven workflows, prompt frameworks, and AI-assisted alerting systems • Support multimodal intelligence workflows integrating text, image, video, metadata, geospatial, and behavioral signals into actionable operational insights • Partner closely with Product, Engineering, Data Science, Customer Success, and mission stakeholders to operationalize new capabilities and improve workflows • Lead operational troubleshooting, pipeline hardening, workflow optimization, and issue resolution efforts • Identify emerging collection opportunities, platform shifts, operational risks, and regional digital ecosystem changes • Contribute to operational standards, workflow documentation, and best practices for intelligence pipeline engineering • Mentor junior team members supporting operational intelligence workflows • Uphold classification, security, legal, and ethical standards for government-facing operational environments
Job Requirements
- Active TS/SCI clearance preferred or ability to obtain and maintain one
- 8+ years of experience supporting DoD, Intelligence Community, defense contractor, or related operational intelligence environments
- Experience designing, operating, or optimizing intelligence collection workflows, operational monitoring pipelines, or AI-assisted analytical systems
- Strong understanding of OSINT methodologies, operational collection strategies, and intelligence tradecraft
- Advanced experience building and refining Boolean logic, heuristic filtering, operational tagging systems, or enrichment workflows
- Familiarity with AI/ML concepts including NLP, clustering, anomaly detection, entity extraction, computer vision, or multimodal analysis
- Ability to independently manage competing operational priorities in dynamic mission environments
- Strong communication and cross-functional collaboration skills
Related Guides
Related Categories
Related Job Pages
More Threat Intelligence Specialist Jobs
Principal Product Intelligence Analyst – Cortex XSIAM
Palo Alto NetworksPalo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines.
• As the Principal for Competitive Intelligence within the Cortex Product Management organization, you are the strategic link between the competitive landscape and our product roadmap. • By applying Structured Analytic Techniques (SATs) to technical competitive data, you will provide the "Inconvenient Truths" that challenge our product assumptions. • You will be responsible for ensuring that Cortex doesn't just match competitor features, but maintains a structural architectural advantage that is validated by evidence and field reality. • You will translate deep research results into Product Requirement Documents (PRDs), prioritize feature gaps based on competitive urgency, and present key takeaways to senior leaders. • Go beyond CRM data to conduct "post-mortem analysis" deep dives on significant losses, delivering actionable product feedback to Engineering and PM leadership to remove technical friction in the sales cycle.
Data Analyst – Fraud Intelligence
Sardine AIOn a mission to "shape the future of global finance," Sardine AI works to make payments risk-free and instant so businesses and consumers can move money confide
• Design and execute structured evaluation frameworks to assess the quality, coverage, and fraud-signal value of incoming data assets from vendor partners • Build lift analyses, backtests, and champion/challenger comparisons to quantify the incremental value of new data signals against our existing fraud detection stack • Profile vendor datasets for completeness, freshness, match rates, and population coverage across verticals (crypto, fintech, neobanks, e-commerce, etc.) • Collaborate with fraud leadership to define evaluation criteria tied to real fraud outcomes — false positive rates, catch rates, precision/recall tradeoffs • Translate vendor data findings into clear, actionable recommendations: adopt, pilot, deprioritize, or decline • Partner with data engineering to define ingestion requirements and ensure test environments reflect production-like conditions • Document evaluation results and maintain an internal knowledge base on vendor data performance over time • Support ad hoc deep dives into fraud trends, model performance, and client-specific data questions as needed
• Assist senior hunters in running searches across endpoints and networks to uncover hidden threats, unusual behavior, and stealthy malware. • Review and analyze security logs and telemetry to identify anomalies or potential indicators of compromise (IOCs). • Help create, test, and write new threat detection rules to improve the company's security visibility. • Keep up to date on major global cyber threats and assist in mapping attacker Tactics, Techniques, and Procedures (TTPs). • Help review search findings, separate benign events from actual threats, and draft technical reports for senior analysts.
Principal Threat Hunter
MitigaMitiga preemptively detects and stops attacks before damage is done. Mitiga moves your security beyond configuration-focused prevention. In today’s cloud-first, AI-driven world, attackers inevitably get in. Mitiga promptly stops them. Our platform connects Cloud, SaaS, AI, and Identity into one panoramic forensic system that gives SecOps total awareness, attack decoding, and autonomous containment. The result: attacks stop mid-flight, investigations are instant, and impact disappears. We replace the false promise of “zero breach” with a promise we can keep - Zero Impact. When attackers get in, Mitiga ensures they get nothing.
Role Description We're looking for a Senior Principal Threat Hunter to serve as a senior technical leader within our Cyber Defense Team. This is a high impact individual contributor role; you won't manage people, but you'll influence how we hunt, investigate, and respond to threats across cloud and SaaS environments at scale. You'll be the person who takes a weak signal, a piece of emerging intelligence, or an unusual customer activity pattern and turns it into a meaningful investigation, a proactive hunt, or a new detection opportunity. You'll lead the most complex investigations, drive threat intelligence initiatives, and help define the hunting methodologies that guide our customers' security outcomes. As one of the team's most senior practitioners, you'll act as a force multiplier across hunting, intelligence, and incident response functions, elevating technical standards, mentoring peers, and helping shape the future of our detection and response capabilities. What You'll Do - Design and execute proactive threat hunts across cloud and SaaS environments (AWS, Azure, GCP, Okta, M365), grounded in current intelligence and ATT&CK-mapped adversary behavior. - Mature and operate a recurring threat intelligence reporting function, turning intel into hunt leads, detection opportunities, and customer-facing narratives. - Lead incident response investigations during US business hours, from scoping through root cause; step into the Incident Commander role when required. - Continuously monitor threat detections and deliver responsive services with thorough event analysis and judgement. - Triage and investigate security alerts across cloud and SaaS environments, separating true threats from noise and surfacing detection gaps to the detection engineering team. - Leverage automation and AI tooling to scale impact, and propose improvements for processes, workflows, products, and policies. - PLUS: Exposure to detection engineering, tooling and automation development, or prior managed services (MSSP) experience. Qualifications - 5+ years of experience in a security operations role, with a focus on threat hunting and/or threat intelligence. - Proven experience building or contributing to a structured threat hunt and/or threat intelligence program. - Incident response experience with the ability to lead investigations independently; Incident Commander experience a plus. - Working knowledge of cloud and SaaS environments (AWS, Azure, GCP, Okta, M365). - Hands-on use of automation or AI tooling in security operations; demonstrated use, not just awareness. - Strong written and verbal communication, excellent analytical and problem-solving skills, highly independent and self-driven, and comfortable in a fast-paced and virtual environment. Requirements - 5+ years of experience in a security operations role, with a focus on threat hunting and/or threat intelligence. - Proven experience building or contributing to a structured threat hunt and/or threat intelligence program. - Incident response experience with the ability to lead investigations independently; Incident Commander experience a plus. - Working knowledge of cloud and SaaS environments (AWS, Azure, GCP, Okta, M365). - Hands-on use of automation or AI tooling in security operations; demonstrated use, not just awareness. - Strong written and verbal communication, excellent analytical and problem-solving skills, highly independent and self-driven, and comfortable in a fast-paced and virtual environment. Benefits - Location: US Remote - Competitive benefits package including equity, health insurance (medical, dental, vision) that is fully covered for the employee. - 401K plan with match. - Unlimited PTO and more.



