Join our threat intel function and proactively detect and disrupt attacks targeting our people, platforms, and reputation. This role blends OSINT, phishing triage, and brand protection.
What You’ll Do:
● Monitor dark web, breach databases, and external forums for company-related exposure.
● Track emerging threats, TTPs, and sector-specific risks.
● Maintain IOC feeds, threat intel repositories, and weekly intelligence summaries.
● Share actionable intelligence with SOC, AppSec, and Cloud teams.
Phishing & Email Security:
● Triage employee-reported phishing emails and perform header/URL/IOC analysis.
● Work with email security tools/vendors to block and remediate threats.
● Support SPF/DKIM/DMARC monitoring and policy tuning.
● Detect brand impersonation, typosquatting, and fake domains.
Brand Protection & Impersonation:
● Monitor web and social platforms for impersonation attempts.
● Work with HR, Legal, and Communications on executive/employee impersonation cases.
● Coordinate domain and content takedown requests.
Threat Hunting & Incident Support:
● Provide threat context and enrichment to SOC during investigations.
● Assist with periodic threat-hunting activities.
● Support incidents with IOC validation, kill-chain mapping, and attribution analysis.
What You Bring:
● 4+ years in SOC, Cyber Threat Intelligence, DFIR, Email Security, or Phishing Analyst roles.
● Strong understanding of threat actor behaviors, malware delivery, phishing methods, and social engineering.
● Hands-on experience with Threat Intel Platforms (Recorded Future, Intel471, HaveIBeenPwned, VirusTotal, Shodan, etc.).
● Ability to analyze email headers, SMTP flow, SPF/DKIM/DMARC, and phishing artifacts.
● Familiarity with IOC formats (IOC, STIX, TAXII, MITRE ATT&CK mappings).
● Comfortable with basic scripting (Python, Bash) for automation and enrichment.
● Knowledge of malware indicators, C2 infrastructure, rogue domains, and phishing pages.
● Excellent writing skills for executive-ready threat alerts and concise summaries.
● Strong analytical thinking, attention to detail, and the ability to handle time-sensitive investigations.
● Good collaboration skills to work with SOC, HR, Legal, Engineering, and Communications teams.
Nice to Haves:
● Experience with MISP, Cofense, IRONSCALES, PhishTool, or similar tools.
● Experience with Ninjio, KnowBe4, or other phishing training platforms.
● Exposure to SIEM tools and log analysis (Splunk, Sentinel, Elastic).
● Knowledge of AI tools like ChatGPT, prompt engineering for automation, and enrichment workflows.
● Experience in conducting brand monitoring and takedown procedures.



