Job Description
Staff Cyber Threat Intelligence Analyst
Company
TRM Labs
Conditions
13 hours ago, Lead, Anywhere, Remote, Full Time, Cybersecurity Jobs by TRM Labs
Skills
Investigations, OSINT, Intelligence, Threat, Cyber, Leadership, Infrastructure, Analysis, Blockchain, Communication, Wallet
About the Role
You're responsible for conducting high-complexity investigations and supporting time-sensitive blockchain analysis for partners. You will shape investigative methods, workflows, and analytical capabilities to scale cyber threat intelligence. You will collaborate with blockchain intelligence experts, engineers, and data scientists to raise the quality and repeatability of analytical work. You will produce finished cyber threat intelligence including actor profiles, campaigns, IOC packages, infrastructure attributions, and evidence-ready outputs. You will triage large indicator sets, cluster infrastructure, and turn fragmented signals into clear, defensible findings. You will support incident responders and external partners with timely, high-confidence intelligence products and briefings. You will evaluate and operationalize new analytical tooling and translate investigative tradecraft into scalable analytical capabilities and product-informed improvements.
Requirements
- 8+ years of experience in cyber threat intelligence, intelligence analysis, incident-driven investigations, or a closely related analytical field.
- Demonstrated experience producing finished intelligence products such as actor profiles, campaign reports, attribution assessments, or infrastructure mapping.
- Deep expertise in cyber investigations, infrastructure attribution, campaign analysis, and actor profiling, including the ability to set a high bar for analytical rigor in these areas.
- Strong OSINT instincts and the ability to resolve identities, aliases, and behavior across fragmented sources.
- The ability to connect technical findings to financial infrastructure, including wallets, laundering paths, sanctions exposure, or identity-linked leads when relevant to the investigation.
- Excellent judgment about analytical confidence, evidentiary strength, and what can or cannot be defended in a report, referral, or operational setting, including the ability to guide others on those standards.
- A track record of leading complex investigations, improving workflows, shaping analytical standards, and raising the quality of work beyond your own cases.
- Excellent written and verbal communication skills, with the ability to package findings for technical and non-technical audiences alike.
- Comfort operating in a fast-paced environment where priorities can change quickly and ambiguity is normal.
- AI fluency is required. AI tools should be a meaningful part of your research, synthesis, and workflow acceleration toolkit, with strong human quality control over the resulting output.
Responsibilities
- Produce finished cyber threat intelligence, including actor profiles, campaign reports, IOC packages, infrastructure attributions, and evidence-ready analytical outputs.
- Act as a staff-level analytical leader across multiple active actors and campaigns at once, raising quality, shaping standards, and coaching other analysts through exemplary tradecraft and judgment.
- Drive the highest-complexity investigations from seed indicators such as domains, IPs, hashes, aliases, or wallets through to attributed actors, clusters, or campaign pictures, and codify the methods others can reuse.
- Correlate technical indicators with OSINT, identity signals, infrastructure patterns, and financial-rail activity to build a fuller understanding of adversary behavior.
- Triage large indicator sets, cluster infrastructure, and turn fragmented signals into clear, defensible findings while improving the repeatability and rigor of how this work is done across the team.
- Support incident responders, threat hunters, investigators, leadership, and external partners with timely, high-confidence intelligence products and briefings, especially where judgment, prioritization, and ambiguity are unusually high.
- Evaluate and operationalize new analytical tooling by pressure-testing it on real workflows and identifying where it meaningfully reduces analyst effort, improves quality, or creates reusable leverage across investigations.
- Drive better investigation workflows, analytic standards, and repeatable methods that increase analyst throughput without sacrificing rigor.
- Partner across intelligence, engineering, and data science to translate investigative tradecraft into scalable analytical capabilities and product-informed improvements.