CrawlJobs Logo
Microsoft Corporation Logo Microsoft Corporation · IT - Software Development

Senior Applied Threat Intelligence Analysts

United States, Redmond Employment contract 102100.00 - 202200.00 USD / Year · Job Posted June 29, 2026
Apply Position
Job Link Share

Job Description

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Microsoft Security Research is at the front line of defending Microsoft customers and the broader ecosystem against the world's most sophisticated threat actors. Our Applied Threat Intelligence team tracks the threat landscape and the threat actors that target our customers; where they have been, where they are today, and predict where they will be tomorrow. We partner deeply across Microsoft Threat Intelligence, product engineering, and research to ensure our customers stay ahead of threats.

Job Responsibility

  • Lead with AI to understand the threat landscape and the latest attacker tradecraft.
  • Track threat actors, including financially motivated threat actors
  • their infrastructure, their targets, and their shifting techniques, tactics, and procedures.
  • Translate complex technical findings into clear, prescriptive guidance for security operations teams, executives, and the broader defender community.
  • Partner with product, research, marketing, and communications teams to ensure high-quality intelligence experiences through Microsoft's customer-facing surfaces and managed services (Agentic Security, Defender XDR, Defender Experts, Sentinel, blogs, briefings).
  • Build and refine the pipelines, tooling, and workflows that allow Microsoft to stream insightful cyber threat intelligence to customers machine speed.
  • Represent Microsoft Threat Intelligence in customer briefings, industry conferences, and cross-industry working groups.

Requirements

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Nice to have

  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 8+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 12+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection.
  • equivalent experience.
  • 3+ years of experience in cyber threat intelligence, threat hunting, incident response, or a closely related security discipline.
  • Attribution experience creating threat groups, assessing connections between established threat groups, and communicating attribution assessments to internal stakeholders and customers in a timely manner.
  • Demonstrated experience producing finished threat intelligence reporting for technical and/or executive audiences.
  • Working experience with Microsoft Sentinel and Microsoft Defender XDR (or directly comparable SIEM/XDR platforms).
  • Understanding of adversary tradecraft, the cyber kill chain, and frameworks such as MITRE ATT&CK, the Diamond Model, and structured analytic techniques.
  • Written and verbal communication skills, with a portfolio of public or customer-facing intelligence writing.
  • Experience tracking and defending against financially motivated threat actors.
  • Experience with endpoint, cloud, network, and identity-based attacks and datasets.
  • Experience with AI tools and large language models, building agents and skills for information security applications and pipelines.
  • Comprehensive OS security/internals knowledge.
  • Understanding of network protocols and analytical experience with network infrastructure data & telemetry.
  • Reverse-engineering with static and behavioral binary analysis experience.
  • Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK.
  • Programming or scripting background (Python, PowerShell, C#, C++, etc.).
Microsoft Corporation - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Applied Threat Intelligence Analysts

8 matching positions

Senior Applied Threat Intelligence Analyst

Security represents the most critical priorities for our customers in a world aw...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field. OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Job Responsibility
Job Responsibility
  • Author and publish high-impact threat intelligence reports (actor profiles, campaign analyses, trend reports, TTP deep-dives, vulnerability profiles) for both customer-facing and internal audiences.
  • Build and refine the pipelines, tooling, and workflows that allow Microsoft to stream insightful cyber threat intelligence to customers machine speed.
  • Represent Microsoft Threat Intelligence in customer briefings, industry conferences, and cross-industry working groups.
  • Translate technical findings into clear, actionable insights for security operations teams and technical stakeholders.
  • Partner with product, engineering, and research teams to operationalize intelligence into Microsoft security platforms (e.g., Defender XDR, Sentinel, customer briefings).
  • Contribute to scalable workflows and pipelines that improve how threat intelligence is generated, refined, and delivered to customers.
  • Support customer engagements (briefings, responses, and discussions) with accurate and timely intelligence insights.
  • Collaborate within the team to improve analytic tradecraft, knowledge sharing, and intelligence quality.
  • Fulltime
Read More
Arrow Right

Senior Cyber Threat Intelligence Analyst

BAE Systems is seeking a skilled Cyber Threat Intelligence Practitioner to suppo...
Location
Location
United Kingdom , Preston
Salary
Salary:
27.03 - 36.30 GBP / Hour
outsource-uk.co.uk Logo
Outsource UK
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong experience within a Cyber Threat Intelligence (CTI) discipline
  • A solid understanding of cyber threat actors, geopolitics, and global threat activity
  • Awareness of intelligence disciplines such as OSINT, SIGINT, HUMINT, and their application
  • Knowledge of structured analytical techniques and intelligence best practice
  • Experience applying MITRE ATT&CK / D3FEND / ENGAGE frameworks in an operational context
  • Clearance: BPSS + SC + UK EYES
Job Responsibility
Job Responsibility
  • Produce operational and tactical cyber threat intelligence reports tailored to technical and senior audiences
  • Monitor the cyber threat landscape, including OSINT, dark web sources, internal telemetry, and external intelligence feeds
  • Investigate threat actors, campaigns, and tactics, techniques, and procedures (TTPs) to identify indicators of compromise
  • Provide timely intelligence support during security incidents, aiding containment and remediation efforts
  • Deliver threat briefings to internal stakeholders and trusted external partners
  • Support Requests for Information (RFIs) and Intelligence Requirements (IRs) in collaboration with CTI collections teams
  • Advise on organisational Cyber Threat Levels based on intelligence assessments
  • Act as a trusted advisor, translating complex intelligence into clear, actionable insight
  • Fulltime
Read More
Arrow Right
New

Senior Intelligence Analyst

Are you looking for a career move that will place you in a global financial orga...
Location
Location
Hungary , Budapest
Salary
Salary:
12211560.00 - 20474640.00 HUF / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in a combination of cyber threat intelligence, financial crime investigation, fraud analysis, or law enforcement roles with a focus on BEC, wire fraud, or cyber-enabled financial crime. Prior experience in a financial institution, government agency, law enforcement, or financial intelligence unit (FIU) environment is strongly preferred.
  • Bachelor's degree (or equivalent experience) required
  • advanced degrees are welcomed, preferably in a STEM major, computer science, cyber security, or cyber technology.
  • Certifications from EC-Council, GIAC, (ISC)² [CISSP, C/EH, GCIA, CCNA] or relevant technical or specialty areas are a plus, or willingness to earn within 12 months of joining.
  • Subject matter expertise in business email compromise — including vendor email compromise (VEC), CEO fraud, payroll diversion, real estate wire fraud, and invoice manipulation schemes — with a thorough understanding of actor tactics, techniques, and procedures at each stage of the attack lifecycle.
  • Strong understanding of the industry's most frequently targeted by BEC actors, including real estate and title companies, legal firms, healthcare, manufacturing, construction, government contractors, and financial services, with the ability to tailor intelligence products to sector-specific risk profiles.
  • Proficiency in open-source intelligence (OSINT) techniques including domain and email header analysis, WHOIS and passive DNS investigation, social media intelligence, dark web monitoring, and fraudulent infrastructure identification.
  • Experience with link analysis platforms such as Palantir, Maltego, or i2 Analyst's Notebook to map actor networks, financial flows, and entity relationships across complex multi-jurisdictional cases.
  • Working knowledge of financial crime typologies including trade-based money laundering, layering techniques, and the use of cryptocurrency exchanges and peer-to-peer platforms to convert and obscure BEC proceeds.
  • Experience with scripting languages such as Python or similar tools for automating intelligence collection, data enrichment, and pattern analysis across large datasets.
Job Responsibility
Job Responsibility
  • Serve as the primary subject matter expert on business email compromise, wire fraud, and cyber-enabled financial crime, maintaining current and comprehensive knowledge of actor methodologies, fraud typologies, and evolving attack vector.
  • Apply in-depth disciplinary knowledge to triage, process, analyze, intelligence alerts, reports, and briefings
  • Monitor and research cyber threats (with a strong focus on Business Email Compromise (BEC) and wire fraud) with a direct or indirect impact to the Citi brand
  • Monitor open-source, dark web, and proprietary intelligence sources for emerging BEC campaigns, compromised credential markets, fraudulent domain registrations, and threat actor communications targeting financial institutions and their clients
  • Assess cyber threat data and correlate with existing understanding of cyber threats impacting the Citi franchise
  • Ascertain the impact of an attack and develop threat trends to assess their overall impact and inform senior decision makers
  • Produce timely, accurate, and actionable intelligence reports, bulletins, and briefings for consumption by fraud operations, client advisory teams, compliance, legal, and senior leadership stakeholders.
  • Engage in liaison activities with intelligence communities, law enforcement, industry partners, peer financial institutions, and information sharing communities
  • Complete the daily operational components of the intelligence mission
  • Assume informal/formal mentor role within teams and assist with the coaching and training of new team members
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right
New

Intelligence Senior Analyst

Citi Security and Investigative Services (CSIS) is a full-service security and i...
Location
Location
United States , Charlotte; Tampa
Salary
Salary:
90080.00 - 135120.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
July 02, 2026
Flip Icon
Requirements
Requirements
  • Minimum of 5 years’ experience relating to open source intelligence analysis for investigations, threat monitoring, or intelligence targeting
  • Previous analytical experience within corporate investigations, the intelligence community, or law enforcement preferred
  • Minimum bachelor’s degree / University degree
  • Certifications from EC-Council, ACFE, SANS Institute, IntelTechniques, or graduate certification(s) in relevant technical or specialty areas a plus
  • Demonstrable ability to collect, evaluate, interpret, and analyze data, with a strong knowledge of analytical techniques
  • Strong analytical skills to filter, prioritize and validate potentially complex and dynamic material from multiple sources
  • Proven record of accomplishment in information gathering, monitoring, and analysis pertaining to matters in various geographical locations, including strong use of commercial databases, surface, deep and dark web, and social media
  • Excellent communication (oral and written) skills with attention to detail
  • Established project management skills – ability to coordinate and prioritize several projects simultaneously while working with a globally dispersed team of contributors and stakeholders
  • Taking ownership in projects and making suggestions for improvement
Job Responsibility
Job Responsibility
  • Lead open source analysis for CSIS investigations involving fraud, cyber, insider, and other security threats facing the firm
  • Use advanced techniques to monitor threats and collect data from multiple open sources, including social media, the deep and the dark web, to support intelligence questions
  • Apply advanced qualitative and quantitative analytical methodologies to turn information and data into actionable intelligence, including but not limited to link analysis and digital footprint analysis
  • Anticipate, identify and develop innovative solutions to intelligence gaps
  • Partner with internal and external stakeholders on open source methodologies and tools where appropriate to close identified gaps
  • Deliver analysis and findings in the form of high quality, succinct, and straightforward written products and oral briefings
  • Manage multiple projects simultaneously with a proactive, self-motivated approach, ensuring timely delivery of high-quality results while collaborating effectively with global teams
What we offer
What we offer
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
!
Read More
Arrow Right

Threat Intelligence Intern

This internship will offer direct exposure to the intelligence function at the c...
Location
Location
United States , Reston
Salary
Salary:
Not provided
fsisac.com Logo
FS-ISAC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must be a rising junior or senior currently enrolled in an accredited undergraduate program, with a concentration in cybersecurity, information science, political science, international affairs, or a closely related discipline
  • Consumer-level understanding and utilization of AI tools
  • Familiarity with threat intelligence concepts, OSINT methodologies, or the MITRE ATT&CK framework preferred
  • Strong research and analytical writing skills with the ability to synthesize large volumes of information into clear, structured outputs
  • Genuine interest in the financial sector threat landscape, not just cybersecurity broadly
  • Must be authorized to work in the United States
  • A background check is required prior to the start date.
Job Responsibility
Job Responsibility
  • Research and analyze cyber threats, threat actors, and campaigns targeting the financial sector using open-source and ISAC-sourced intelligence
  • Contribute to the development of intelligence products and analytical outputs for FS-ISAC members
  • Apply structured analytical frameworks, including MITRE ATT&CK, to assess and organize intelligence findings
  • Monitor threat landscape developments relevant to the financial sector and summarize key findings for internal teams
  • Collaborate with analysts and intelligence professionals across the US and EMEA
  • Present work and findings to senior leadership at the end of the program.
Read More
Arrow Right

Senior Applied AI Scientist

Microsoft Sentinel Platform NEXT R&D labs is the strategic incubation engine beh...
Location
Location
United States , Multiple Locations
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 4+ years related experience (e.g., statistics predictive analytics, research) OR Master's Degree in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 3+ years related experience (e.g., statistics, predictive analytics, research) OR Doctorate in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 1+ year(s) related experience (e.g., statistics, predictive analytics, research) OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role
  • This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • Master's Degree in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 6+ years related experience (e.g., statistics, predictive analytics, research) OR Doctorate in Statistics, Econometrics, Computer Science, Electrical or Computer Engineering, or related field AND 3+ years related experience (e.g., statistics, predictive analytics, research) OR equivalent experience
  • 3+ years working with Machine Learning (ML)/Artificial Intelligence (AI) systems (e.g., Large Language Models (LLM/LRM)/Generative AI (GenAI), retrieval/Retrieval-Augmented Generation (RAG), model serving, experimentation platforms, data pipelines) including establishing evaluation metrics and improving model quality
  • Demonstrated success driving zero-to-one (0→1) initiatives
  • ML background and hands-on experience
  • Experience with ML lifecycle: model training, fine-tuning, evaluation, continuous monitoring, and more
  • Coding ability in one or more languages (e.g., Python, C#, C++, Rust, JavaScript/TypeScript)
  • Familiarity and previous work in the field of cybersecurity (e.g., threat detection/response, SIEM/SOAR, identity, endpoint, cloud security) and familiarity with analyst workflows
Job Responsibility
Job Responsibility
  • AI/ML Research: design, development, and analysis of novel AI and machine learning models and algorithms for security and enterprise-scale applications
  • Innovate Across Domains: Explore and apply a broad spectrum of AI/ML techniques, including deep learning, Bayesian probabilistic modeling, classical ML, generative models, and hybrid approaches
  • Experimentation & Evaluation: Design and execute experiments, simulations, and evaluations to validate models and system performance, ensuring measurable improvements
  • Collaboration: Partner with engineering, product, and research teams to translate scientific advances into robust, scalable, and production-ready solutions
  • Customer Impact: Engage with enterprise customers and field teams to co-design solutions, gather feedback, and iterate quickly based on real-world telemetry and outcomes
  • Fulltime
Read More
Arrow Right

Cyber Threat Intelligence Analyst

The Intelligence Lead Analyst is a senior level professional responsible for dri...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of relevant experience
  • Working knowledge in one or more of the following areas: Advanced Persistent Threat, Third Party Risks/Threats, Cybercrime, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service attacks, Fraud, Malware, Mobile Threats
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
  • Master’s degree preferred
Job Responsibility
Job Responsibility
  • Analyze regional threat data and determine a correlation if any, to existing intelligence requirements
  • Monitor and research cyber threats with a direct or indirect impact to the Citi brand
  • Research and identify malicious activity by performing post-mortem analysis on logs, traffic flows, and other activities
  • Conduct intrusion analyses to ascertain the impact of an attack, and develop mitigation techniques for future attacks
  • Evaluate networks and programs to assess potential weaknesses and points of entry
  • Analyze and present to senior leadership discovered patterns to forecast future cyber-attacks and their potential impact
  • Liaise with intelligence communities, law enforcement, industry partners, peer financial institutions, and information sharing communities
  • Triage, process, analyze, and disseminate intelligence alerts, reports, and briefings
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
  • Fulltime
Read More
Arrow Right

Security Threat Intelligence and Hunting Analyst

The Security Threat Intelligence and Hunting Analyst role at NTT DATA involves a...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in computer science, information technology or security or related field
  • Relevant security certification(s) such as GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), and GIAC Certified Forensic Analyst (GCFACTIA, CompTIA Cybersecurity Analyst (CySA+), GCTI, FOR508 preferred
  • Seasoned demonstrated experience in a similar role
  • Seasoned demonstrated experience gained within a global technology organization
  • Ability to apply critical thinking skills to a situation and make a decision based on the information to hand
  • Good understanding of computer systems, software and technology in general
  • Excellent written and verbal communication
  • Ability to research topics and find information relevant to their work
  • Ability to interpret large amounts of data and identify important details to identify potential threats and vulnerabilities
  • Seasoned proficiency in threat hunting methodologies, including familiarity with tools and techniques for proactive detection of threats
Job Responsibility
Job Responsibility
  • Reads reports, makes risk assessments, works to detect the source of attacks and tests current defenses against threats
  • Advises on analysis enabling organization to make decisions on how to improve security measures and respond to attacks
  • Monitors security alerts and maintains awareness of new threats and vulnerabilities in order to identify potential risks
  • Analyses data from various sources, including network traffic, email logs, malware files, web server logs, DNS records, etc. to identify cybersecurity risks
  • Develops and maintains threat intelligence databases containing information about cybercrime tactics, techniques, and procedures (TTPs) used by hackers or other actors targeting the organization’s assets
  • Participates in Incident Response activities as necessary to identify and contain new threats
  • Conducts investigations into potential threats by collecting data from multiple sources and analyzing it to identify patterns or other significant pieces of information that indicate a specific threat may be occurring or has occurred previously
  • Communicates with senior leaders and also executives and other stakeholders on security matters to raise awareness of potential risks and recommend solutions
  • Conducts regular audits of security measures to identify vulnerabilities that could be exploited by unauthorized users
  • Reviews security policies to ensure compliance with industry regulations and best practices
  • Fulltime
Read More
Arrow Right