L2 Threat Intelligence Platform Analyst

MNR Solutions Pvt. Ltd.
Mumbai
5 - 8 Years
4.3 | 84+ Reviews

Posted on: 28/10/2025

Job Description

Description:

Role Overview:

We are seeking an experienced and detail-oriented Threat Intelligence Platform Analyst (L2) to join our Cyber Threat Intelligence (CTI) team. The ideal candidate will have a minimum of 5 years of hands-on experience in threat intelligence, with strong expertise in Threat Intelligence Platforms (TIPs), malware analysis, and adversary profiling.

This role involves analyzing complex threat data, managing intelligence platforms, and delivering actionable insights to strengthen the organization's cybersecurity posture. The candidate must also possess industry-recognized certifications such as CTIA, CEH, or CSA.

Key Responsibilities:

1. Threat Intelligence Operations

- Execute the full threat intelligence lifecycle: collection, analysis, correlation, and dissemination of actionable intelligence.

- Identify, investigate, and assess cyber threats, adversary tactics, techniques, and procedures (TTPs) using frameworks such as MITRE ATT&CK and Cyber Kill Chain.

- Develop and maintain threat actor profiles, track campaigns, and identify indicators of compromise (IOCs).

- Provide intelligence briefings, reports, and advisories to support proactive defense measures.

2. Threat Intelligence Platform (TIP) Management

- Manage and optimize Threat Intelligence Platforms (TIPs) such as Anomali, MISP, ThreatConnect, or Recorded Future.

- Integrate external and internal threat feeds (STIX/TAXII, OpenCTI, VirusTotal, AlienVault OTX, etc.).

- Automate IOC ingestion, enrichment, and correlation to enhance detection and response capabilities.

- Maintain data accuracy and ensure timely dissemination of relevant threat intelligence to security teams.

3. Malware & Threat Analysis

- Perform malware analysis to identify threat indicators, patterns, and attack vectors.

- Analyze phishing campaigns, malicious payloads, domains, and C2 infrastructure using sandbox and reverse-engineering tools.

- Provide detailed intelligence reports with actionable recommendations to mitigate threats.

4. Security Collaboration & Incident Support

- Collaborate with SOC, Incident Response, and Vulnerability Management teams to enrich alerts and improve detection accuracy.

- Support L1/L2 analysts by providing contextual intelligence during investigations.

- Assist in developing playbooks and automated workflows for threat response in SOAR platforms.

5. Reporting & Documentation

- Prepare and deliver daily, weekly, and monthly threat intelligence reports highlighting emerging trends and risks.

- Document IOCs, threat actor information, and campaign details in a structured and retrievable format.

- Present threat updates and recommendations to senior management and security stakeholders.

Required Skills & Experience:

Total Experience: Minimum 5 years in Cyber Threat Intelligence.

Certifications (Mandatory):

- CTIA (Certified Threat Intelligence Analyst)

- CEH (Certified Ethical Hacker)

- CSA (Cloud Security Alliance Certification or equivalent)

Deep understanding of:

- Threat intelligence lifecycle and frameworks (MITRE ATT&CK, Diamond Model, Cyber Kill Chain).

- Malware analysis, threat taxonomy, and IOCs.

- Cyber threat hunting and analysis methodologies.

- Experience with security tools: SIEM, SOAR, EDR, IDS/IPS, firewalls, endpoint protection, and network monitoring systems.

- Proficiency in Threat Intelligence Platforms (TIPs) and automation tools.

- Excellent analytical, documentation, and communication skills.

Preferred Skills:

- Experience with Python or PowerShell scripting for automation and data enrichment.

- Familiarity with dark web monitoring, OSINT tools, and intelligence gathering sources.

- Understanding of cloud threat intelligence (AWS, Azure, GCP environments).

- Exposure to incident response processes and vulnerability management.
