With 1,000 intelligence professionals, over $300M in sales, and serving over 1,800 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

We are seeking a uniquely talented individual who combines the technical acumen of a Cyber Threat Hunter with the expressive skills of a Technical Writer to work as an Emerging Threat Intelligence Analyst. This individual will be a critical component of Recorded Future’s Insikt Group, and will be a point person for cross-team collaboration both throughout Insikt Group as well as with Recorded Future’s Attack Surface Intelligence Quick Reaction Team (QRT). This individual will aid in the identification, assessment, and communication of new and emergent threats in the cybersecurity landscape, specifically vulnerability intelligence and detection.

Responsibilities

Vulnerability Analysis: You are tasked with the prompt identification, thorough analysis, and comprehensive assessment of emerging cybersecurity threats, specifically recently disclosed or exploited vulnerabilities. Your technical prowess will be crucial in ensuring our preparedness for potential risks and understanding the implications of prompt and thorough analysis of high-impact vulnerabilities.
Threat Analysis: You are tasked with the production and review of intelligence summaries accessible to all Recorded Future clients. These summaries will detail a variety of cyber threat events, including recent cyber attacks and adjustments in known threat groups’ tactics, techniques, and procedures (TTPs).
Technical Authorship: Utilizing your skill in making complex concepts accessible, you will convert intricate technical insights into engaging and easily understandable blog posts, client disclosures, and Insikt Notes. Each publication should comprehensively address the nature of the threat, its potential impact, suggested mitigation strategies, and a succinct summary for quick referencing.
Detection Engineering: Design and develop Nuclei templates for vulnerability scanning, ensuring these templates are tailored to detect new and emerging vulnerabilities efficiently. Develop custom lab environments and proof-of-concept code based on specific vulnerability signatures and behaviors. Maintain an up-to-date repository of these templates, and continually refine them to improve detection accuracy and performance. This involves creating test cases, simulating attack scenarios, and verifying that the templates correctly identify vulnerabilities without producing false positives.
Research Collaboration: You will partner with teams within Insikt Group to augment our collective understanding of emergent threats and vulnerabilities. This collaborative exploration will subsequently inform and enhance our proactive protective measures.
Cross-team Collaboration: You will be responsible for working on projects across multiple research teams within Insikt Group and QRT with weekly content production and tight deadlines.
Detailed Documentation: Your role involves meticulous record-keeping, noting intricate details of identified vulnerabilities, methodologies of discovery, and potential implications. This comprehensive record aids in understanding the nature of threats and planning appropriate responses.
Continual Professional Development: Stay abreast of the latest advancements in cybersecurity trends, threat tactics, and research methodologies, ensuring our collective knowledge remains current and comprehensive.

Qualifications

A degree in Cybersecurity, Computer Science, Information Technology, or a related discipline.
A minimum of 3 years of substantial experience in cybersecurity, with a focus on threat detection, penetration testing, or vulnerability assessment.
A solid grasp of fundamental cybersecurity principles, attack trajectories, and techniques for vulnerability analysis.
Demonstrable experience researching and analyzing new cyber threats across either a) multiple industries or b) multiple timeframes (e.g., both weekly and quarterly)
Demonstrable experience deploying known vulnerable infrastructure within a lab environment for analysis.
Demonstrable experience creating and authoring Nuclei templates for vulnerability identification and validation.
Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, D3FEND, the Diamond Model, and the Cyber Kill Chain
Practical experience with network and web application penetration testing tools such as, Burp Suite, NMap, Fiddler, and Wireshark
Familiarity with and use of common cyber threat intelligence tools such as DomainTools, VirusTotal, SHODAN, etc.
Demonstrable experience in technical writing, showcasing an ability to translate complex technical concepts into engaging, reader-friendly content.
Demonstrably strong writing ability, to be assessed via a writing sample
A meticulous attention to detail, underscoring a commitment to accuracy and thoroughness in all aspects of work.
Capable of functioning effectively within a team as well as independently.

Preferred but not required:

Relevant industry certifications such as OSCP, OSWA, GWAPT, Pentest+, or equivalent.
Familiarity with scripting and programming languages such as YAML, Python, Golang, Javascript, C, etc.
Prior experience within a quick reaction or incident response team environment.
Practical experience with malware detections, including YARA, Sigma, and Snort

Why should you join Recorded Future?
Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.8-star user rating from Gartner and more than 45 of the Fortune 100 companies as clients.

Want more info?
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles. By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.

If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at careers@recordedfuture.com

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.

Notice to Agency and Search Firm Representatives:
Recorded Future will not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to Recorded Future, including those sent to our employees or through our website, will become the property of Recorded Future. Recorded Future will not be liable for any fees related to unsolicited resumes.

Agencies must have a valid written agreement in place with Recorded Future's recruitment team and must receive written authorization before submitting resumes. Submissions made without such agreements and authorization will not be accepted and no fees will be paid.

Apply for this Job

* Required

First Name *

Last Name *

Email *

Phone

Resume/CV

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

Cover Letter

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

LinkedIn Profile

How did you hear about this job? *

Recorded Future – Candidate Privacy Notice *

This candidate privacy notice explains who we are, why and how we process personal data relating to candidates and, if you are the subject of any of the personal data concerned, your rights and our contact details if you want further information or help.

When you apply for a job on www.recordedfuture.com the personal data contained in your application will be collected and processed by Recorded Future, Inc. (“we, us, our”). For the purposes of European Economic Area data protection law, (the "Data Protection Law"), the data controller is: Recorded Future, Inc., 363 Highland Avenue, Somerville, MA 02144, recruiting@recordedfuture.com ("Controller"). Our data protection officer is Frederic Wolens, who can be contacted at privacy@recordedfuture.com

We may process personal data relating to you that we have either obtained from you, or obtained from a third party including your previous or existing employers or reference agencies.

Personal data we may collect from you:

-Your name and contact information (home address, home phone number, personal mobile number, personal email address).
-Your country of residence, citizenship, passport information and information relevant to your right of residence or right to work.
-Your date of birth.
-Your national insurance or social security details, or other similar information that is used by the government to identify you.
-Your gender.
-Your bank account information or other related financial details.
-Details of your education and previous employment history.
-Your driver's license and related information
-Your photograph.

We may process special categories of information relating to you. The processing of this information is strictly controlled by applicable law and will only be processed in limited circumstances, and may include:

Information relating to your physical characteristics, health or any disabilities, where this is relevant to your occupation or employment (for example, for the purposes of occupational health).

Information relating to your marital status, racial characteristics or sexual orientation where this is relevant to, for example, diversity monitoring. This will normally only be processed with your consent in which case you are free to choose to provide this information, or not.

Your personal data will be processed for our legitimate interests for the purpose of managing our recruitment related activities, which include the setting up and conducting of interviews and tests for applicants, evaluating and assessing the results thereto and the selection of applicants for employment. As part of the recruitment and hiring processes we will need to process your personal data for the performance of a contract where we have offered you a position with our company.

Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by us to help manage our recruitment and hiring process on our behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards under the EU-US Privacy Shield.

Your personal data will be retained by us for as long as we decide that it is necessary to evaluate your application and determine whether to make you an offer of employment. After which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or for another legitimate and lawful purpose.

Under the GDPR, you have the right to request (i) access to your personal data, (ii) that your personal data be rectified or erased; and (iii) that processing of your personal data be restricted. You also have the right to data portability. In addition, you may lodge a complaint with your local supervisory authority. The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data.

Acknowledged

Are you legally authorized to work in the United States for Recorded Future? *

Do you now, or will you in the future, require sponsorship to work legally in the United States? *

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Recorded Future’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Gender

Are you Hispanic/Latino?

Please identify your race

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Voluntary Self-Identification of Disability

Form CC-305

Page 1 of 1

OMB Control Number 1250-0005

Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

Alcohol or other substance use disorder (not currently using drugs illegally)
Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
Blind or low vision
Cancer (past or present)
Cardiovascular or heart disease
Celiac disease
Cerebral palsy
Deaf or serious difficulty hearing
Diabetes
Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
Epilepsy or other seizure disorder
Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
Intellectual or developmental disability
Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
Missing limbs or partially missing limbs
Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
Partial or complete paralysis (any cause)
Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
Short stature (dwarfism)
Traumatic brain injury

Disability Status

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Enter the verification code sent to to confirm you are not a robot, then submit your application.

Security Code *

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.

Senior Emerging Threat Intelligence Analyst