Senior Threat Researcher and Intelligence Analyst

The Senior Threat Researcher and Intelligence Analyst will lead advanced threat research, analyze cyber threat intelligence (CTI), and provide actionable insights to bolster the organization's cybersecurity posture. This position requires deep expertise in understanding the evolving threat landscape, analyzing adversarial tactics, techniques, and procedures (TTPs), and leveraging threat intelligence to inform detection, response, and prevention strategies. You will collaborate with internal teams and external partners to ensure the organization is well-protected against emerging threats, advanced persistent threats (APTs), and sophisticated cyber-attacks.

Key Responsibilities:

• Threat Research and Analysis:

i)        Lead in-depth research into emerging threats, malware, ransomware, and cyber-attack campaigns to understand adversarial behavior.

ii)      Conduct deep-dive analysis of cyber threats using various tools, including malware analysis, reverse engineering, and network forensics.

iii)    Identify new TTPs threat actors use and provide detailed analysis to enhance detection and prevention capabilities.

• Threat Intelligence Gathering and Reporting:

i)        Collect, process, and analyze threat intelligence data from multiple sources, including open-source intelligence (OSINT), dark web sources, commercial threat feeds, and partner intelligence.

ii)      Generate comprehensive threat reports, including technical details, behavioral indicators, and strategic recommendations to inform security operations and risk mitigation.

iii)    Continuously monitor global cyber threat developments, geopolitical factors, and industry-specific risks that could impact the organization.

• Operational Threat Intelligence Integration:

i)        Collaborate with the security operations center (SOC) and incident response teams to provide real-time threat intelligence during security incidents.

ii)      Translate raw threat intelligence into actionable items for the SOC and detection engineering teams to improve detection, alerting, and hunting capabilities.

iii)    Develop and maintain threat intelligence-driven detection rules, such as YARA and Snort signatures, and integrate them into existing security tools (e.g., SIEM, EDR).

• Advanced Threat Hunting:

i)        Lead proactive threat-hunting activities across network and endpoint environments to identify hidden threats, malware, and adversary behavior.

ii)      Utilize the MITRE ATT&CK framework to map detected activities and improve threat-hunting and detection strategies.

iii)    Identify gaps in detection coverage and collaborate with detection engineers to improve threat visibility.

• Strategic Threat Assessment:

i)        Conduct long-term assessments of potential cyber threats impacting the organization’s industry, geopolitical risks, and targeted attack campaigns.

ii)      Develop strategic recommendations for executives and security leadership based on threat landscape assessments and industry trends.

iii)    Contribute to developing cybersecurity strategies and policies to improve the organization’s resilience against future threats.

Required Qualifications:

• Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
• 5+ years of experience in cybersecurity, focusing on threat research, intelligence analysis, and threat hunting.
• Strong understanding of malware analysis, reverse engineering, and TTPs of various threat actors (including APTs).
• Expertise in gathering and analyzing threat intelligence from multiple sources (OSINT, dark web, commercial feeds).
• Experience with security tools and platforms like SIEM, EDR, IDS/IPS, malware sandboxes, and threat intelligence platforms (TIP).
• Proficiency with tools and techniques for analyzing and writing detection signatures (YARA, Snort, Suricata).
• Deep knowledge of the MITRE ATT&CK framework, Cyber Kill Chain, and how these frameworks guide threat detection and response.
• Experience collaborating with security operations centers (SOC), incident response, or threat intelligence teams.
• Strong analytical and problem-solving skills with the ability to think strategically about evolving threats.
• Excellent communication skills, with the ability to convey technical details and strategic insights to technical and non-technical audiences.
• Collaborative mindset and ability to work effectively with cross-functional teams.
• Self-motivated and able to lead projects with minimal supervision.

Preferred Qualifications:

• Relevant certifications include CISSP, GIAC (GCIH, GCIA, GREM), CEH, or OSCP.
• Strong technical writing skills and experience producing detailed threat intelligence reports.
• Hands-on experience with malware analysis tools (IDA Pro, Ghidra), network analysis tools (Wireshark, Bro/Zeek), and threat-hunting platforms.
• Familiarity with scripting languages like Python, PowerShell, or Bash for automating intelligence analysis and threat-hunting tasks.
• Experience with cloud security and understanding of threats targeting cloud infrastructure.

Employee Value Proposition (EVP):

At Aryaka, we offer a dynamic and innovative work environment where you will have the opportunity to make a significant impact in the network security industry. Our commitment to cutting-edge technology and customer satisfaction provides a platform for continuous learning and professional growth.

Who Are we-

Aryaka is the leader and first to deliver Unified SASE as a Service, the only SASE solution designed and built to deliver performance, agility, simplicity and security without tradeoffs. Aryaka meets customers where they are on their unique SASE journeys, enabling them to seamlessly modernize, optimize and transform their networking and security environments. Aryaka’s flexible delivery options empower enterprises to choose their preferred approach for implementation and management. Hundreds of global enterprises, including several in the Fortune 100, depend on Aryaka for cloud-based software-defined networking and security services. For more on Aryaka, please visit www.aryaka.com

Why Aryaka –

We have won “Great Places to Work” World-Wide for 4 consecutive years because we have an amazing company culture that is inviting, collaborative, supportive, and inclusive to our employees.  We encourage our employees to expand their knowledge base and provide the tools to help them get there.  We are always innovating and looking at ways to improve and expand, and we listen to our employees and their ideas.  We have an amazing group of very respected “Thought Leaders” who are always open to mentoring.  We consider ourselves great Corporate Citizens which we show through our “Women In Technology” Program and “AryakaCares” Program as well as others. Our Benefits are World-Class and we offer a flexible work structure to allow you to maximize on your work/life balance. As Aryakans, we are 100% dedicated to being an equal opportunity employer and supporter of Diversity, Inclusion, and Belonging.

Third-Party Agency Notice: Aryaka does not accept unsolicited resumes from 3rd party agencies. Should any agency send a resume to any employee within Aryaka without explicit invitation, the resume will be considered a gift, and no fee will be paid. All agencies must have a signed contract from Talent Acquisition management prior to any engagement.