דרושים » אבטחת מידע וסייבר » Threat Intelligence Analyst

We are seeking a highly skilled and proactive Senior Cyber Security Threat Intelligence (CTI) Analyst to join the Networking product security team. In this critical role, you will function as a key defender of the technologies powering the worlds largest AI clusters. You will act as the eyes and ears of our product security organization, conducting investigative research into sophisticated adversaries and translating complex threat data into actionable intelligence. This is a hands-on role where your insights will directly influence our defensive posture and help eliminate threats before they manifest in the core of global AI infrastructure.

What You Will Be Doing:

You will serve as the intelligence core of our team dedicated to identifying, analyzing, and mitigating threats against our products and ecosystem:

Lead deep-dive OSINT and WEBINT research to identify emerging threats, conducting intelligence collection and analysis that leads to clear, actionable mitigation recommendations.
Leverage scripting (Python, Bash, etc.) and Generative AI tools to automate intelligence collection, triage, and analysis workflows.
Analyze Advanced Persistent Threats (APTs) and sophisticated adversaries, collaborating with multi-functional teams to detect, track, and eliminate potential risks to our networking portfolio.
Apply extensive insight into cyber operation phases to map adversary behavior, anticipate future movements, and harden our product development lifecycle with adoption of security improvements.
Drive threat hunting methodologies, proactively searching for indicators of compromise (IoCs) and hidden vulnerabilities within the products.
Translate complex technical findings into strategic intelligence reports for both technical collaborators and leadership, ensuring a clear and unified insight into the threat landscape.
Collaborate closely with incident response and engineering teams to ensure intelligence findings are seamlessly coordinated into other defensive tools and product security processes.

we are looking for a Senior Threat Intelligence Researcher.
As a Senior Threat Intelligence Researcher, you will be responsible for tracking advanced adversaries and leveraging your deep technical expertise across attacker capabilities, infrastructure, and tactics. You will create and refine approaches to uncover and monitor active threat actors, as well as surface irregular and emerging behaviors in the broader threat landscape. The intelligence you generate will directly strengthen understanding of threat actors and will inform proactive hunting, detection engineering, and defensive decision-making.
:Responsibilities
Lead complex threat intelligence investigations through in-depth analysis of the global threat landscape, with a focus on advanced and state-linked actors.
Define and prioritize threat research focus areas (actors, campaigns, sectors, techniques) aligned with customers and product roadmap.
Deliver actionable cyber threat intelligence and design and execute hunting campaigns using analytics, automation, and advanced AI capabilities.
Curate and maintain structured knowledge on actors, campaigns, infrastructure, and TTPs in internal threat knowledge base.
Work closely with CyberAI researchers on the development of next-generation artificial cyber researchers and AI-driven analysis capabilities.

Our Counter Adversary Operations (CAO) Elite is looking for a highly motivated, self-driven, detailed-oriented, and experienced Senior Analyst dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world.
In this role, you will leverage CrowdStrike CAO's extensive resources to provide advanced threat hunting expertise and intelligence analysis to safeguard our customers'; environments. You will develop a trusted partnership by helping customers identify and operationalize timely, actionable, and relevant threat intelligence and threat hunt findings.
This position offers exceptional growth opportunities, blending technical mastery with strategic advisory services, all powered by CrowdStrike's world-class intelligence and hunting capabilities.

After a period of learning our custom-built tool suite, workflows, and methodologies you will join other CAO Elite Analysts protecting our customer's networks by performing tailored threat hunting and customer specific threat intelligence operations, including:

Executing sophisticated threat hunting operations.

Providing high value, actionable, threat intelligence aligned to the customer's.

requirements using your expertise and knowledge of the threat landscape.

Delivering high-impact briefings and recommendations spanning threat hunting, dark web, and intelligence information relevant to your customer.

Responding to customers ad hoc requests for information and support.

Building lasting partnerships with customers.

What Youll Do:

Maintain ownership of assigned customer accounts, facilitate high levels of customer satisfaction, and be a trusted advisor for CAO Elite customers.

Perform threat hunting, research dark web data, and research tailored threat intelligence for CAO Elite customers based on their specific requirements and environment.

Prepare and deliver customer presentations relating to intelligence reports, dark web alerts, and threat hunting findings on a regular basis.

Respond to customer requests relating to threat intelligence, threat hunting, and dark web monitoring.

looking for a MXDR Analyst to join the team of cybersecurity analysts monitoring services 24/7. The role includes development of detection analyses, triage of alerts, investigation of security incidents, proactive threat hunting and enhancement of sensors and overall visibility status. The suitable candidate should be a team player with previous experience in SOC, SecOps or security monitoring, independent, and with a can-do attitude.



Responsibilities

Working across all areas of SOC, including continuous monitoring and analysis, threat hunting, security compliance, security event auditing and analysis, rule development and tuning, and forensics.
Solving security incidents in accordance with defined service level agreements and objectives.
Prioritizing and differentiating between potential incidents and false alarms.
Addressing clients enquiries via phone, email, and live chat.
Working side-by-side with customers, providing insightful incident reports.
Working closely with peers and higher-tier analysts to ensure that your analysis work meets quality standards.
Identifying opportunities for improvement and automation within the MXDR Operation Lead, and leading efforts to operationalize ideas.
Identifying and offering solutions to gaps in current capabilities, visibility, and security posture.
Correlating information from disparate sources to develop novel detection methods.

our company Intelligence seeks a Senior Intelligence Analyst for its Global Threat Analysis Cell (GTAC) to track and analyze targeted intrusion activity associated with Democratic Peoples Republic of Korea (DPRK)-nexus adversaries. The Analyst will monitor DPRK-nexus cyber operations, identify emerging trends and threats, investigate suspected DPRK-related adversary activity, and produce strategic and tactical intelligence assessments and products that directly inform our company customers.
What You'll Do:
Track adversary campaigns, tactics, techniques, and procedures (TTPs) through analysis of our companys unique telemetry, open-source data sets, and third-party intelligence
Author short and long format written reports with minimal supervision that apply analytic tradecraft, including appropriate use of estimative language, confidence levels, and structured analytic techniques. Collaborate across teams to inform various functions within our company Intelligence, as well as other company business units, to ensure comprehensive adversary tracking and deconfliction
Identify intelligence gaps, propose new research projects to address collection shortfalls, and develop initiatives to explore understand adversary intent, capabilities, and infrastructure
Conduct peer review of reporting by team members, and ensure all products meet our company Intelligences analytic standards for accuracy, clarity, and objectivity.
Prioritize, categorize, and respond to requests for information from internal and external customers
Conduct briefings as needed for a variety of levels of customers as requested (via either phone, video conference, webcast, in-person briefing, or industry conference).

We are seeking a customer-focused Security Analyst to join our managed services team. As a Customer-Facing Security Analyst, you will play a critical role in delivering top-notch exposure remediation services to our clients. You will work closely with customers to assess, analyze, and mitigate exposures in their IT and cloud infrastructure, while providing expert guidance and maintaining strong client relationships.

Responsibilities:

Own and manage the primary technical relationship for a portfolio of enterprise customers, establishing yourself as their trusted security advisor and focusing on strategic security outcomes.
Deliver continuous security posture assessments by leveraging the XM Cyber platform to translate complex technical findings into actionable, risk-based insights for customers.
Master the platform to drive maximum value for customers, guiding them on configuration, best practices, and new features to ensure successful adoption and ROI.
Drive remediation outcomes by acting as the liaison between customers and their internal teams (e.g., IT Operations, DevOps, Cloud Security), helping them prioritize efforts based on attack path analysis.
Proactively track and report on progress, delivering regular status updates and executive-level business reviews (QBRs) that demonstrate risk reduction and program success.
Act as a trusted advisor on exposure and attack path management, translating industry trends into proactive, tailored recommendations that enhance your customers' security posture.
Partner with the broader account team, including Customer Success Managers and Support Engineers, to ensure a seamless customer experience. Act as the lead technical escalation point to resolve complex challenges and champion customer needs with internal teams like Product and R&D.

We are looking for an experienced Security Engineer to join our security operations team with a strong focus on detection and response.

This is a unique opportunity to leverage your threat detection and response experience and build some of the foundational systems and services to keep our infrastructure free from malicious actors and threats. You will partner closely with all engineering teams, IT administrators, and compliance analysts to ensure that we maintain sufficient visibility into our environments and develop effective programs and practices to ensure that our environments are always secure. Tooling and automation will be key to success as we scale our environments to meet customer demand.



What You Will Do:

Collaborate with different teams for building and setting up pipelines needed to gather relevant security telemetry.

Build and maintain an effective and scalable security monitoring infrastructure solution.

Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment.

Triage alerts and drive security incidents to closure while reducing their potential impact .

Build processes and workflows to triage security alerts and respond to real incidents.

Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape.

Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams.

Contribute to strategy, risk management, and prioritization for all efforts around detection and response.

Collaborate with the compliance team to maintain and audit security controls and processes, ensure compliance with relevant security frameworks and certifications.

Pragmatic implementing business-focused controls to safeguard the companys multi-cloud entities.

As a CyOps Analyst, you will be investigating security alerts from the platform in order to detect threats and conduct live incident response engagements, investigating and analyzing programs and software using analysis programs to identify threats and classify malware based on previous threats and commonalities, investigating and issuing threat intelligence and malware analysis report. The SOC works closely with the Research team to perform tests and uncover new attack vectors to enhance, develop, and configure threat hunting tools. Additional responsibilities include:
* Identifying unknown threats for our global clients through advanced threat hunting services to complement the standard Security Operations Center services.
* Performing analysis and forensics on security threats, malware and attacks in the wild, using industry standard platforms and tools.
About Us:
We are a leader in threat detection and response, designed to simplify security for organizations of all sizes. Our mission is to empower lean security teams and their partners with an AI-powered, unified platform that autonomously detects, protects, and responds to threats - backed by 247 security experts. With a Partner First mindset, we focus on helping customers and partners stay protected, operate confidently, and achieve their goals. Our vision is to give every organization true cybersecurity peace of mind, providing fast, accurate protection without the noise or complexity.

looking for an Incident Response Team Leader to lead investigations and response activities in support of organizations worldwide.

Cyber threats are constantly growing in volume, velocity and sophistication. When an organization is confronted with an advanced attack, it needs the strongest capabilities on its side. In many cases, an incident response engagement is in fact a battle within a network. The operational art, experience, focus, and speed of response teams can mean the difference between a minor blow, and a devastating impact on an organizations performance and reputation.

The Incident Response Team Leader will be key to the success of Incident Response projects worldwide, and should possess strong leadership skills, be highly technical and thrive in a fast-paced and dynamic environment.

Main Responsibilities

Lead a team of top-tier cyber security researchers and forensic experts conducting assessments and in-depth analysis in complex investigations, as well as security assessments.

Guide and empower team members, enhancing their technical and research skills.

Lead client-facing projects including incident response and hunting efforts for large-scale sophisticated attacks, to contain and defeat real-world cyber threats.

Collaborate and work with clients IT and Security teams during investigations.

Design and improve internal incident response technologies, methodologies, and processes.

As the Technical Director for Reactive Services, you will serve as a senior-level consultant and client advocate, providing expert guidance on all facets of cybersecurity and data breach response. You will deliver strategic and technical leadership to a diverse range of clients, helping them navigate complex security incidents. Your expertise will be critical in shaping response strategies and ensuring clients effectively mitigate and recover from cyber threats.
Key Responsibilities
Provide expert-level strategic and technical guidance to clients during active data breach response and cybersecurity incidents.
Lead complex client engagements from initial scoping and resource allocation through to technical execution and final reporting.
Apply deep knowledge of forensic processes, including chain of custody, and advanced computer and memory acquisition techniques.
Utilize industry-standard forensics tools (e.g., EnCase, FTK, SleuthKit, Volatility) for in-depth analysis across major operating systems.
Challenge curiously by maintaining hyper-current knowledge of the threat landscape, emerging vulnerabilities, and attacker TTPs to inform response strategies.
Conduct detailed analysis of malware, identify persistence mechanisms, and triage threats to determine root cause and impact.
Proactively collaborate with internal teams and client stakeholders, ensuring alignment and communicating clear, actionable findings.
Develop and automate scripts and processes to simplify and enhance the efficiency of incident response scenarios.