Threat Intelligence Researcher

Rapid7

Location:
Israel, Tel Aviv

Contract Type:
Not provided

Salary:

Not provided

Job Description:

We are looking for a Threat Intelligence Researcher who can analyze cyber threats and turn technical data into clear, useful insights. You will work closely with a team and clients, create reports, and build simple tools or scripts (mainly in Python) to improve how data is collected and analyzed. This role requires strong problem-solving skills, good communication, teamwork, and taking responsibility for delivering results.

Job Responsibility:

  • Conduct in-depth investigations and produce comprehensive intelligence reports
  • Participate in customer-facing meetings to present findings
  • Design, implement, and maintain internal tools, scripts, and data scrapers (primarily Python)
  • Convert raw technical data into actionable intelligence products including technical reports, YARA/Sigma rules, and executive briefings

Requirements:

  • Strong background in cybersecurity and threat intelligence research
  • Proficiency in Python, Go, or C++ with emphasis on developing automation or data processing pipelines
  • Ability to synthesize disparate data points to construct cohesive intelligence
  • Exceptional technical writing skills and capability to present complex findings clearly
  • Ownership and accountability for driving outcomes
  • Adaptability and proactive approach to automating tasks
  • Fluent written and verbal communication skills in English
  • Embodiment of core values to foster excellence

Nice to have:

  • Familiarity with MITRE ATT&CK framework
  • Active engagement in security research community (CTFs, blog posts, open-source contributions)
  • Highly articulate English communication
  • Comprehensive understanding of threat intelligence landscape (APTs, IABs, Modus Operandi)
  • Familiarity with Dark Web and cybercrime forum ecosystem

Additional Information:

Job Posted:
March 21, 2026

Similar Jobs for Threat Intelligence Researcher

Threat Intelligence Research Engineer

We’re looking for a Threat Intelligence Research Engineer who can bridge two wor...
Location: United States, Orlando
Salary: Not provided
ThreatLocker
Expiration Date: Until further notice
Requirements:
  • 5+ years in cybersecurity research, threat intelligence, security engineering, SOC analysis, or malware analysis
  • Strong knowledge of attacker TTPs, MITRE ATT&CK, malware behavior, incident response, and threat hunting workflows
  • Hands-on familiarity with tools such as SIEMs, sandboxes, EDR platforms, packet analyzers, and OSINT frameworks
  • Ability to read logs, investigate incidents, and interpret technical artifacts
  • Proven experience writing technical reports, threat advisories, security research, or cybersecurity analysis
  • Ability to translate complex material into clear, concise content without losing technical accuracy
  • Strong editorial judgment and an understanding of narrative clarity and structure
  • Deep curiosity and a research-driven mindset
  • Commitment to accuracy, integrity, and evidence-backed analysis
  • Ability to juggle multiple research topics while meeting publishing deadlines
Job Responsibility:
  • Monitor, analyze, and report on emerging threats, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and global threat trends
  • Investigate vulnerabilities, misconfigurations, malware behavior, ransomware campaigns, and exploit chains
  • Conduct independent research on threat actors, intrusion patterns, and security gaps relevant to our customer base
  • Collaborate with internal engineering, SOC, and threat teams to access proprietary intelligence and validate findings
  • Produce clear, defensible, and high-accuracy analysis based on data and technical evidence
  • Transform threat research into high-quality reports, whitepapers, blogs, briefs, advisories, and thought-leadership content
  • Write in a way that resonates with cybersecurity professionals, executives, and IT leaders
  • Contribute to articles under the names of internal subject matter experts (SMEs) to elevate their voices and strengthen company authority
  • Develop clear visuals, diagrams, and technical explanations to support complex research
  • Ensure all content is technically rigorous, original, and aligned with our Zero Trust security philosophy

Threat Intelligence Analyst

As the first US member of the Threat Intelligence team, you’ll be joining a glob...
Location: United States, San Francisco
Salary: 128300.00 - 206000.00 USD / Year
Atlassian
Expiration Date: Until further notice
Requirements:
  • 2+ years experience in Threat Intelligence roles
  • 3+ years experience in Cyber Security roles
  • Experience generating threat intelligence using behavioural-based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
  • Experience using common Threat intelligence tools and platforms like MISP, OpenCTI, etc.
  • Experience performing hunting for Cyber Threat Actors
  • Experience building automation of common security operations tasks
  • You have deep knowledge of cyber threats, attacker TTPs and attack methodologies
  • You have strong communication skills and problem-solving skills, with the ability to analyse complex data.
Job Responsibility:
  • Conduct proactive research to anticipate and mitigate potential cyber threats and vulnerabilities that target Atlassian and its customers
  • Produce actionable intelligence to the security teams by following the Threat intelligence lifecycle framework
  • Collaborate with the Detections & Response team to provide additional insights during security investigations
  • Develop and maintain threat profiles for key adversaries, including their tactics, techniques, and procedures (TTPs), motivations, and capabilities
  • Participate in threat intelligence sharing initiatives with external partners and industry peers
  • Contribute to the wider threat intelligence community, establishing Atlassian as a key contributor in the space
  • Integrate Threat Intelligence into Atlassian systems and practices
  • Investigate malicious code to extract Tactics, Techniques and Procedures (TTP)
  • Develop and deliver threat briefings to both technical and non-technical audiences.
What we offer:
  • Health and wellbeing resources
  • Paid volunteer days
  • Equity
  • Bonuses
  • Commissions
  • Flexible work options (onsite, remote, hybrid)
  • Fulltime

Threat Intelligence Analyst

As a Threat Analyst at UpGuard, you will be an integral member of our Threat Sca...
Location: United States, Chicago
Salary: 120000.00 USD / Year
UpGuard
Expiration Date: Until further notice
Requirements:
  • Expertise in Open Source Intelligence: Strong understanding of OSINT methodologies with a focus on the open, deep, and dark web
  • Understanding of Software Development: Solid grasp of software development processes to deconstruct and interpret vulnerability disclosures effectively
  • Cross-Team Collaboration: Excellent communication skills to work with the Customer Success & Support teams, explaining capabilities and resolving customer issues
  • Independence and Initiative: A self-starter attitude with the ability to take ownership of tasks and drive them to completion independently or collaboratively
  • Technical Skills in Scripting: Proficiency in scripting languages such as Python, with the ability to learn and adapt to new programming languages as needed
Job Responsibility:
  • Analyze Data Leaks: Process and assess incoming data feeds to identify whether customers have been impacted by data leaks
  • Contribute to Threat Intelligence Feeds: Enhance UpGuard’s proprietary threat intelligence feeds by researching and integrating new findings
  • Develop Vulnerability Detections: Build new product and vulnerability detections by reverse-engineering applications, analyzing vulnerability disclosures, and creating robust detection methodologies
  • Conduct Open Source Intelligence (OSINT) and Security Research: Focus heavily on identifying, analyzing, and interpreting open-source intelligence across the open, deep, and dark web to identify risks and vulnerabilities
What we offer:
  • Monthly Lifestyle subsidy: use this for financial, physical, and mental wellbeing
  • WFH set-up allowance: to ensure you have the right environment to work in, we will help you get set up within your first 3 months at UpGuard
  • $1,500 USD annual Learning & Development allowance: to support your career development all team members will be able to expense development opportunities against this allowance
  • Generous Annual Leave/PTO allowances: time to recharge your batteries
  • 18 weeks paid Parental Leave: irrespective of parenting role
  • Personal Leave allowance: this includes sick & carer’s leave
  • Fully remote working environment: while we have physical offices in Sydney & Hobart, we do not mandate compulsory attendance
  • Top-spec hardware: all team members will be provided with top-spec laptops for their roles
  • Personal device security & online privacy protection subsidy: UpGuard provides team members with a paid subscription to personal device security & online privacy protection platform
  • Generative AI subsidy: UpGuard provides paid subscriptions for all team members to access generative AI tools to support their work
  • Fulltime

Protective Intelligence Analyst

The Protective Intelligence Analyst is responsible for supporting the executive ...
Location: United States, Austin
Salary: 95000.00 USD / Year
Allied Universal®
Expiration Date: Until further notice
Requirements:
  • A minimum of 3 years of recent protective intelligence experience supporting executive protection teams and principals, or 5+ years of equivalent military, law enforcement, or intelligence experience.
  • Bachelor’s degree in Intelligence Studies, International Relations, Homeland Security, or related field (or equivalent operational experience).
  • Formal Intelligence Training certification (Military, Government, Association, or Private Sector) required.
  • Advanced training in threat assessment, travel risk management, or protective intelligence preferred.
  • Skilled in open-source (OSINT) and social media research, threat monitoring, and incident verification.
  • Experience producing protective intelligence products—threat assessments, travel risk reports, route/residence assessments, and pre-travel advisories.
  • Ability to collect, vet, and analyze information using the intelligence cycle to create accurate, actionable, bias-mitigated reporting.
  • Strong understanding of global security, geopolitical risks, terrorism, crime, and crisis response as they relate to executive travel and operations.
  • Proven ability to support EP operations in real time, providing clear, concise, and timely threat updates to decision-makers.
  • Proficiency in Microsoft Office Suite and familiarity with protective intelligence platforms (e.g., Factal, Dataminr, Babel Street, LifeRaft, Echosec).
Job Responsibility:
  • Threat Monitoring & Early Warning: Continuously monitor open sources, social media platforms, dark web, and client-specific intelligence tools for threats or hostile surveillance activity directed at principals, their families, residences, travel plans, or affiliated events.
  • Protective Research & Threat Analysis: Conduct in-depth research and analysis on persons of interest (POIs), hostile actors, and groups with the intent or capability to target principals. Assess motivations, capability, opportunity, and intent to identify potential attack indicators.
  • Travel Risk Intelligence: Provide proactive intelligence support to executive protection teams during domestic and international travel, including country risk assessments, route reconnaissance, hotel and venue security reviews, and incident monitoring during trips. Deliver timely updates to traveling principals and EP teams.
  • Protective Operations Support: Deliver actionable, real-time intelligence to EP teams in support of principal movements, protective advances, route planning, and residence/event security. Maintain constant threat environment awareness and communicate relevant changes.
  • Geopolitical & Environmental Risk Tracking: Monitor global and regional security issues, including terrorism, political unrest, crime trends, natural disasters, and health risks, that could affect principals’ safety during travel or at residences/events.
  • Actionable Reporting & Products: Produce timely, clear, and actionable intelligence products including: Threat assessments (strategic and tactical), Travel risk assessments (pre-trip and in-trip updates), Situation reports (SITREPs) and incident summaries, Route and location assessments (residences, hotels, venues, offices)
  • Threat Mitigation Recommendations: Provide practical, proportionate recommendations to EP teams on how to mitigate identified threats, risks, and vulnerabilities. Offer clear triggers and indicators for escalation or operational adjustments.
  • Database & Knowledge Management: Maintain a structured, cross-referenced database of threats, POIs, incidents, and lessons learned to support future operations and ensure continuity of protective intelligence programs.
  • Confidentiality & Security: Safeguard sensitive client information, personal identifiers, and operational details at all times, adhering to strict confidentiality and need-to-know principles.
  • Operational Integration: Serve as the intelligence liaison to executive protection, event security, and corporate security teams, ensuring protective intelligence is integrated into all protective operations.
What we offer:
  • Employee Assistance Program
  • Employee Discount Program
  • Tuition Discount Program
  • Training & Career Development Programs
  • Fulltime

Digital Investigations Analyst

Our Digital Investigations Team is all about social media intelligence. We've be...
Location: United Kingdom, London
Salary: Not provided
Protection Group International
Expiration Date: Until further notice
Requirements:
  • Experience in online research, digital investigations, open-source intelligence (OSINT)
  • The mindset of an investigative journalist, a curious and persistent investigator
  • The ability to write clear and concise threat assessments
  • A background in political science/ journalism/ data science/ research
Job Responsibility:
  • Identifying and tracking disinformation campaigns
  • Researching and attributing information operations
  • Investigate state and non-state threat actors
  • Monitor the coordination of real-world harm
  • Map and assess novel TTPs and behaviours
  • Deploy our in-house technical capability on investigations
  • Produce concise and contextualised threat reporting in line with PGI house style
  • Developing long-term client relationships within delivery efforts
  • Building an internal network across teams to ensure highest quality work

Protective Intelligence Analyst

The Protective Intelligence Analyst is responsible for monitoring global events,...
Location: United States, Santa Clara
Salary: 100000.00 USD / Year
Allied Universal®
Expiration Date: Until further notice
Requirements:
  • Must possess one of the following: Bachelor’s degree in Security Intelligence, Threat Analysis or related field of study
  • Minimum of seven (7) years of formal civilian or military intelligence analysis experience in which your primary role was as an Intelligence Analyst, supporting the full intelligence cycle.
  • Minimum of five (5) years of civilian or military intelligence analysis experience
  • Fusion Centre/law enforcement/customs/security intelligence/military/commercial intelligence background
  • International experience, cultural awareness and sensitivity
  • Strong research, analysis, and critical thinking skills with expertise in open-source intelligence, social media tools, and assessment techniques to identify and evaluate complex threats
  • Excellent written, oral, and presentation communication abilities, including report writing and briefing senior stakeholders
  • Proficient in Microsoft Office Suite, SharePoint, and other relevant tools for data management and reporting
  • Highly organized, detail-oriented, and capable of managing multiple priorities independently or collaboratively across time zones and compressed timelines
  • Initiative and business acumen with minimal supervision
Job Responsibility:
  • Manage the “intelligence cycle” through the systematic collection, collation, evaluation, interpretation and analysis of information and process this into timely, accurate, and relevant intelligence
  • Assure quality of intelligence products; edit and validate reports prior to dissemination. Evaluate Global Security Operations Center (GSOC) staff basic intelligence work product
  • Assess intel procedures specific to the GSOC; develop/update guidance documents and processes to eliminate gaps in intelligence gathering and reporting
  • Responsible for producing intelligence products that will aid in mitigating risk, exposure, and impacts to the client’s corporate critical infrastructure (personnel, facilities and assets, business operations, and reputation), globally.
  • Prepare analyses, assessments, verbal briefs or other products by applying expert judgment and specialized experience in interpreting information and making decisions
  • Produce high-quality threat assessments, security alerts, country risk assessments, multi-media presentations and other relevant security and awareness products for dissemination to relevant audiences across the organization as determined by the Intelligence Analyst under the guidelines provided by Senior Management
  • Take initiative to develop new intelligence products and reporting methods to address emerging vulnerabilities; formalize and streamline internal processes
What we offer:
  • Employee Assistance Program
  • Employee Discount Program
  • Tuition Discount Program
  • Training & Career Development Programs
  • Fulltime

Senior Staff Researcher

As a Senior Designated CTI Analyst (DCA) on the Unit 42 CTI Services Delivery Te...
Location: United States, Santa Clara
Salary: 139600.00 - 225775.00 USD / Year
Palo Alto Networks
Expiration Date: Until further notice
Requirements:
  • Minimum of 7 years of experience in the cyber threat intelligence (CTI) field with a specialized focus on intelligence engineering and threat research
  • Strong understanding of security tooling, including the underlying data structures and complex data flows required for modern defense
  • Strong ability to architect scalable solutions to process, deduplicate, and enrich threat data, ensuring all intelligence is accurately tagged and discoverable by analytic end users
  • Knowledge of cyber threat actors, noteworthy attacks, and the ability to quickly recognize shifts or deviations from threat activity baselines. Ability to provide tailored defensive recommendations based on identified activity
  • A proven track record of proactive threat hunting within enterprise security consoles with a strong preference for experience using Palo Alto Networks’ Cortex product
  • Experience communicating complex threat intelligence to diverse audiences, including C-suite executives
  • Proven ability to operate under short-fuse deadlines, manage concurrent tasks, and thrive in complex and sometimes ambiguous situations
  • Deep experience with cyber threat intelligence frameworks (e.g., MITRE ATT&CK) and advanced analytical techniques
  • Previous experience supporting a customer organization as a designated resource preferred
Job Responsibility:
  • Integrate intelligence use cases into security tooling, including data feed collation, deduplication, and the creation of threat dashboards
  • Correlate raw network and host-based indicators to attribute activity to specific threat actor groups, intrusion clusters, and malware families
  • Utilize Palo Alto Networks telemetry, commercial tools, and open-source data to identify and track threat activities of interest, pivoting between the customer’s findings and Palo Alto Networks telemetry
  • Leverage intelligence discoveries to perform threat hunts within the client’s Cortex security console
  • Provide tailored research and analysis for client-based Requests for Information (RFIs) to include relevant cyber threat activities, trends, or shifts in the threat landscape
  • Create a cyber threat profile that identifies top threats and provides tailored defensive recommendations based on their unique operational footprint
  • Assist in upskilling customer team capacity through mentorship sessions, and other micro-learning initiatives on best practices in CTI
  • Provide monthly briefings to customer leadership highlighting relevant threats, trends, and support provided
  • Fulltime

Senior Staff Researcher

As a Senior Designated CTI Analyst (DCA) on the Unit 42 CTI Services Delivery Te...
Location: United States, Santa Clara
Salary: 139600.00 - 225775.00 USD / Year
Palo Alto Networks Italia
Expiration Date: Until further notice
Requirements:
  • Minimum of 7 years of experience in the cyber threat intelligence (CTI) field with a specialized focus on intelligence engineering and threat research
  • Strong understanding of security tooling, including the underlying data structures and complex data flows required for modern defense
  • Strong ability to architect scalable solutions to process, deduplicate, and enrich threat data, ensuring all intelligence is accurately tagged and discoverable by analytic end users
  • Knowledge of cyber threat actors, noteworthy attacks, and the ability to quickly recognize shifts or deviations from threat activity baselines. Ability to provide tailored defensive recommendations based on identified activity
  • A proven track record of proactive threat hunting within enterprise security consoles with a strong preference for experience using Palo Alto Networks’ Cortex product
  • Experience communicating complex threat intelligence to diverse audiences, including C-suite executives
  • Proven ability to operate under short-fuse deadlines, manage concurrent tasks, and thrive in complex and sometimes ambiguous situations
  • Deep experience with cyber threat intelligence frameworks (e.g., MITRE ATT&CK) and advanced analytical techniques
  • Previous experience supporting a customer organization as a designated resource preferred
Job Responsibility:
  • Integrate intelligence use cases into security tooling, including data feed collation, deduplication, and the creation of threat dashboards
  • Correlate raw network and host-based indicators to attribute activity to specific threat actor groups, intrusion clusters, and malware families
  • Utilize Palo Alto Networks telemetry, commercial tools, and open-source data to identify and track threat activities of interest, pivoting between the customer’s findings and Palo Alto Networks telemetry
  • Leverage intelligence discoveries to perform threat hunts within the client’s Cortex security console
  • Provide tailored research and analysis for client-based Requests for Information (RFIs) to include relevant cyber threat activities, trends, or shifts in the threat landscape
  • Create a cyber threat profile that identifies top threats and provides tailored defensive recommendations based on their unique operational footprint
  • Assist in upskilling customer team capacity through mentorship sessions, and other micro-learning initiatives on best practices in CTI
  • Provide monthly briefings to customer leadership highlighting relevant threats, trends, and support provided
  • Fulltime