
Threat Intelligence Analyst

Posted 15 days ago


💎 Seniority level: Senior, 5+ years

📍 Location: UK

🏢 Company: Abnormal Security | 👥 501-1000 employees | 💰 $250,000,000 Series D, 7 months ago | Artificial Intelligence (AI), Email, Information Technology, Cyber Security, Network Security

🗣️ Languages: English

⏳ Experience: 5+ years

🪄 Skills: AWS, Docker, Python, SQL, Agile, Cloud Computing, Cybersecurity, Data Analysis, GCP, Kubernetes, API testing, Azure, Data Structures, REST API, CI/CD, Linux, DevOps, Terraform, Microservices, JSON, Data modeling, Scripting, SaaS

Requirements:
  • 5+ years in cyber threat intelligence, threat hunting, or security research.
  • 3+ years of experience in threat hunting and threat research within cloud ecosystems.
  • Expertise in cloud security, SaaS-based attacks, and email security threats (ATO, BEC, phishing, MFA bypass, etc.).
  • Strong data analysis skills with experience using SQL, PySpark, or other query languages to investigate large-scale threats.
  • Deep understanding of MITRE ATT&CK, phishing tactics, and adversary infrastructure analysis.
  • Hands-on experience with email security platforms, cloud threat analytics, and security automation.
  • Ability to work cross-functionally with other departments such as R&D, Engineering, and Operations to achieve comprehensive cybersecurity coverage.
Responsibilities:
  • Perform threat hunting and investigative research in Cloud/SaaS environments, focusing on email security, phishing, and account takeovers.
  • Identify MFA bypass techniques, phishing infrastructure, and cloud-native attack methods targeting enterprise SaaS environments.
  • Fuse internal telemetry, OSINT, and third-party intelligence sources to uncover and disrupt evolving threat actor campaigns.
  • Develop threat models and attack hypotheses to identify new cloud-focused attack vectors.
  • Conduct incident triage and investigative support for escalated incidents, providing internal teams with expertise on threat actors’ tools, techniques, and procedures (TTPs).
  • Collaborate with R&D and Engineering teams to translate threat intelligence into scalable detections and mitigations.
  • Design and refine cloud threat detection logic, hunting queries, and behavioral analytics to identify attacker activity.
  • Analyze phishing toolkits, adversary infrastructure, and cloud-native attack methodologies to enhance proactive defenses.
  • Work with product security teams to improve email security and identity protection mechanisms in Cloud/SaaS platforms.
  • Track and analyze threat actor groups, phishing campaigns, and cloud-based attack methodologies.
  • Provide technical intelligence briefings to R&D and Engineering teams to inform security product improvements.
  • Partner with internal stakeholders to evaluate emerging threats and recommend security enhancements for SaaS environments.