Sr. Intelligence Analyst | Remote, USA

About the position

The Senior Cyber Threat Intelligence Analyst is a key member of the Global Threat Intelligence Center (gTIC), responsible for leading advanced intelligence research, driving threat‑informed defense initiatives, and producing high‑impact intelligence products for internal stakeholders and external clients. This role blends hands-on OSINT investigations, automated threat intelligence pipeline management, deep-dive adversary research, and cross-team collaboration in support of ongoing cyber defense operations. Candidates must demonstrate strong analytical tradecraft, mastery of intelligence frameworks, and the ability to communicate complex threats clearly to both technical and executive audiences. How you’ll make an impact: Threat Intelligence Research & Analysis Conduct daily OSINT‑based threat hunting to identify emerging threats, adversary behaviors, and relevant indicators of compromise (IOCs). Perform guided and unguided research into threat actors, campaigns, malware families, vulnerabilities, and exploits. Analyze open and closed environments to map adversary networks, identify credible threats, and track actor communities. Produce tactical, operational, and strategic intelligence products, including client‑facing briefings, written assessments, and threat forecasts. Develop comprehensive threat reports on adversaries, global cyber events, and counter-threat considerations. Act as a senior escalation point for incident responders, threat analysts, and engineering teams. Automation, Enrichment & Technical Support Leverage RESTful APIs, Python, and automation tooling to upload, validate, and enrich IOCs. Assess and maintain automated threat intelligence sources; add, tune, or deprecate feeds as needed. Cross‑Team Collaboration & Client Engagement Work collaboratively with IR teams, SOC leadership, and partner units to support threat-informed detection engineering and active cyber campaign response. Respond to Requests for Information (RFIs) and investigate potential false positives or intelligence mismatches. Brief internal stakeholders, leadership, and clients on evolving threat activity and recommended defensive actions. Participate in industry forums and represent gTIC through research publications, conference presentations, and community engagement. Drive continuous improvement of the intelligence lifecycle, collection management, and analytic rigor. Support development of next‑generation analytics platforms and big‑data‑driven intelligence capabilities. Travel as needed (up to 15–20%) for client engagements, conferences, and intelligence‑sharing events. What we’re looking for: 8+ years of experience in cybersecurity, threat intelligence, incident response, or related technical fields — or equivalent demonstration of capability and excellence. Proven experience with OSINT methodologies and threat research fundamentals. Strong understanding of intelligence tradecraft frameworks, including: MITRE ATT&CK Diamond Model Intelligence Cycle Cyber Kill Chain Pyramid of Pain Solid knowledge of malware analysis concepts and how malware informs intelligence operations. Working knowledge of modern cybersecurity tooling including SIEM, EDR, and vulnerability assessment platforms. Proficiency with Python or similar scripting languages. Strong Linux foundation and comfort with command‑line utilities. Excellent written and verbal communication skills, including the ability to translate complex technical findings into clear, concise reports. Experience delivering client‑facing briefings and handling executive‑level conversations. Strong time management and ability to prioritize multiple concurrent research tasks. Preferred Qualifications Security certifications such as OSCP, GIAC (GCTI/GOSI/GREM), CEH, Security+, or similar. Strong understanding of exploitation techniques, low‑level system fundamentals, assembly, or processor architecture. Experience with big-data analytics platforms or developing next-generation threat intelligence capabilities. Track record of publishing research or presenting at conferences. #LI-GN1 What you can expect from Optiv A company committed to our inclusive value through our Employee Resource Groups Work/life balance Professional training resources Creative problem-solving and the ability to tackle unique, complex projects Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. The ability and technology necessary to productively work remotely/from home (where applicable) EEO Statement Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice . If you sign up to receive notifications of job postings, you may unsubscribe at any time.

Responsibilities

• Threat Intelligence Research & Analysis Conduct daily OSINT‑based threat hunting to identify emerging threats, adversary behaviors, and relevant indicators of compromise (IOCs).
• Perform guided and unguided research into threat actors, campaigns, malware families, vulnerabilities, and exploits.
• Analyze open and closed environments to map adversary networks, identify credible threats, and track actor communities.
• Produce tactical, operational, and strategic intelligence products, including client‑facing briefings, written assessments, and threat forecasts.
• Develop comprehensive threat reports on adversaries, global cyber events, and counter-threat considerations.
• Act as a senior escalation point for incident responders, threat analysts, and engineering teams.
• Automation, Enrichment & Technical Support Leverage RESTful APIs, Python, and automation tooling to upload, validate, and enrich IOCs.
• Assess and maintain automated threat intelligence sources; add, tune, or deprecate feeds as needed.
• Cross‑Team Collaboration & Client Engagement Work collaboratively with IR teams, SOC leadership, and partner units to support threat-informed detection engineering and active cyber campaign response.
• Respond to Requests for Information (RFIs) and investigate potential false positives or intelligence mismatches.
• Brief internal stakeholders, leadership, and clients on evolving threat activity and recommended defensive actions.
• Participate in industry forums and represent gTIC through research publications, conference presentations, and community engagement.
• Drive continuous improvement of the intelligence lifecycle, collection management, and analytic rigor.
• Support development of next‑generation analytics platforms and big-data-driven intelligence capabilities.
• Travel as needed (up to 15–20%) for client engagements, conferences, and intelligence‑sharing events.

Requirements

• 8+ years of experience in cybersecurity, threat intelligence, incident response, or related technical fields — or equivalent demonstration of capability and excellence.
• Proven experience with OSINT methodologies and threat research fundamentals.
• Strong understanding of intelligence tradecraft frameworks, including: MITRE ATT&CK Diamond Model Intelligence Cycle Cyber Kill Chain Pyramid of Pain
• Solid knowledge of malware analysis concepts and how malware informs intelligence operations.
• Working knowledge of modern cybersecurity tooling including SIEM, EDR, and vulnerability assessment platforms.
• Proficiency with Python or similar scripting languages.
• Strong Linux foundation and comfort with command‑line utilities.
• Excellent written and verbal communication skills, including the ability to translate complex technical findings into clear, concise reports.
• Experience delivering client‑facing briefings and handling executive‑level conversations.
• Strong time management and ability to prioritize multiple concurrent research tasks.

Nice-to-haves

• Security certifications such as OSCP, GIAC (GCTI/GOSI/GREM), CEH, Security+, or similar.
• Strong understanding of exploitation techniques, low‑level system fundamentals, assembly, or processor architecture.
• Experience with big-data analytics platforms or developing next-generation threat intelligence capabilities.
• Track record of publishing research or presenting at conferences.

Benefits

• A company committed to our inclusive value through our Employee Resource Groups
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities
• “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)