Cyber Threat Intelligence Analyst

3 weeks ago


Gurugram India Rackspace Technology Full time

Job Description

Rackspace Cyber Defense
Cyber Threat Intelligence Analyst, Security Operations
About Rackspace Cyber Defence
Rackspace Cyber Defence is our next generation cyber defense and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence-driven security services.
Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud, and multi-cloud workloads.
Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric, fully integrated 24x7x365 cyber defense capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.
Our mission is to help our customers:
- Proactively detect and respond to cyber-attacks - 24x7x365.
- Defend against new and emerging risks that impact their business.
- Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.
- Reduce their exposure to risks that impact their identity and brand.
- Develop operational resilience.
- Maintain compliance with legal, regulatory and compliance obligations.

What we're looking for

- We are seeking a skilled and proactive Cyber Threat Intelligence Analyst (3-5 years) to join our team and contribute to delivering a Fanatical Experience to our customers.
- This role is ideal for an individual with a strong background in threat intelligence gathering, analysis, and reporting, as well as hands-on experience in threat hunting and translating intelligence into actionable insights.
- Incident handling and managing the CloudSEK platform.
- As a Threat Intelligence Analyst, you will be responsible for identifying and analyzing emerging cyber threats, conducting threat hunting activities (Microsoft Sentinel experience is good to have) to uncover hidden risks, and producing detailed reports to inform and support security operations. Your expertise will help enhance the overall security posture of our customers through proactive intelligence and actionable recommendations.

Key Responsibilities

- Lead and perform proactive threat hunting across multiple customers or organizational estates using available data and threat intelligence.
- Create, test, and iterate threat hunting hypotheses to uncover undetected malicious activity.
- Leverage Cyber Threat Intelligence (CTI) feeds and tooling to track threat actor TTPs and deliver contextual insights relevant to the organization.
- Design and implement custom detection rules in SIEM platforms, particularly Microsoft Sentinel.
- Handle CloudSEK platform incidents (dark web detections, credential leaks, compromised computers).
- Collaborate with detection engineers, SOC analysts, and other stakeholders to improve detection content and response workflows.
- Contribute to incident response activities by supporting triage, investigation, and root cause analysis of cybersecurity events.
- Support risk and threat modelling initiatives by providing timely threat input and context.
- Deliver timely high-quality reporting (including executive briefings and technical analysis) on emerging threats and threat actor trends.
- Manage and curate threat intelligence watchlists, enrich detections with threat data, and assist SOC teams with relevant contextual insights.
- Support insider threat monitoring and vulnerability risk assessments.
- Participate in detection engineering efforts by identifying opportunities for new or enhanced analytics.
- Communicate threat relevance to technical and non-technical stakeholders clearly and concisely.
- Maintain an active awareness of the evolving cyber threat landscape, particularly as it pertains to your sector.
- Liaise with Corporate Enterprise Security for indicator and threat sharing.
- Drive iterative non-technical process improvement and documentation to minimize process friction, eliminate waste, and drive consistency.

Essential Skills and Experience

- Experience in threat hunting and cyber threat intelligence (3-5 years).
- Experience in analyzing large datasets for threat patterns.
- Strong understanding of threat actor behaviours, attack chains, and TTPs.
- Practical experience using SIEM platforms (ideally Microsoft Sentinel) and writing KQL queries.
- Strong hands-on experience with the CloudSEK platform.
- Understanding of threat modelling, risk management, and MITRE ATT&CK framework.
- Experience supporting or collaborating with Security Operations Center (SOC) teams.
- Understanding of Windows and/or Linux telemetry and analysis techniques.
- Knowledge of network protocols and how they may be exploited.
- Experience executing security incident response workflows and processes.
- Ability to triage and respond to threat intelligence alerts from multiple sources.
- Strong written and verbal communication skills to effectively deliver technical and executive-level briefings.

Desirable Skills

- Experience with Microsoft Defender XDR Suite (Defender for Cloud, Server, Endpoint, Office 365, Identity).
- Microsoft Sentinel
- CloudSEK platform
- CrowdStrike Falcon
- Qualys
- Familiarity with Microsoft Entra, Purview, and Azure technologies.
- Knowledge of NIST CSF, and other common security frameworks.
- Experience working with STIX and TAXII or equivalent for TI normalization and sharing.
- Hands-on experience with detection creation and automation workflows using GitHub.
- Familiarity with scripting (Python, JS, PowerShell) for automation/analysis data processing.
- Experience working in Agile environments and cross-functional teams.
- Relevant certifications such as:
  - Microsoft: SC-200, AZ-500, MS-500, SC-300
  - GIAC: GCTI, GCFA, GREM, GCIA
  - Other: CISSP, CISA, CISM, CompTIA Security+/Cloud+, CCSK

About Rackspace Technology

- We are the multicloud solutions experts. We combine our expertise with the world's leading technologies - across applications, data and security - to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
- More about Rackspace Technology
- Though we're all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.


