Threat Intelligence Analyst

Job Locations US-IL-Chicago | US-IA-West Des Moines
ID 2023-10540
Information Technology
Position Type
Experienced Professional


As a Threat Intelligence Analyst, you will be responsible for supporting a new threat intelligence function at StoneX. You will work closely with the Threat Intelligence Manager to provide timely situational awareness, translate cyber threats into actionable information to ensure resources are focused on the right risks, and to reduce the probability of material impact to the company.


This is an individual contributor hybrid position that requires 3 days in the office per week at one of the locations listed in this job posting. At this time, StoneX will not sponsor a new applicant or transfer for employment authorization for this position. If your resume doesn't perfectly line up with the responsibilitites and qualfications, we encourage you to apply anyway. You could be one step away from work that will transform your life and career.




Key Responsibilities:

  • Perform collection and analysis of threat data and intelligence to support stakeholder intelligence requirements.
  • Develop strategic, tactical, and operational intelligence products for stakeholder dissemination.
  • Present intelligence related to cyber threats at both a technical and management level to help shape both tactical and strategic priorities.
  • Research and analyze TTPs (tactics, techniques, and procedures) to generate behavioral security posture improvement actions, such as detections or hunt packages, to support the identification of cyber threats within the StoneX environment.
  • Provide intelligence support during incident response engagements.
  • Collaborate with Threat Intelligence Team members, internal teams and departments, and appropriate business partners to address the cyber threat landscape.
  • Escalate issues to management in a timely manner with appropriate information regarding risk and impact.
  • Develop and build automation playbooks, as well as maintain and update the Threat Intelligence aspects to the security orchestration, automation, and response (SOAR) solution
  • Exercise independent judgement in methods, techniques, and evaluation criteria for obtaining results. 


This job might be for you if:

  • You enjoy learning about cyber threats and proactively protecting an organization.
  • You enjoy digging through the logs and interpreting the data.
  • You love taking on difficult challenges, finding creative solutions, and stepping outside your comfort zone to learn and grow.
  • You do not get flustered easily. If you do not know the answer, you will use the available resources to try to find the answer first. 
  • You enjoy working on a team to fulfill a mission.
  • You are fluent in English.
  • You possess excellent verbal and writing skills.
  • You enjoy reading, research, and writing.
  • You have a radical curiosity.
  • You are motivated and driven. You volunteer for new challenges without waiting to be asked. You’re going to take ownership of the time you spend with us and truly make a difference. 


To land this role:

You need to exhibit a high degree of emotional intelligence, empathy, and the ability to learn quickly. Experience with MITRE ATT&CK and Python is a plus! The ability to write well is a requirement of this job. 


Basic Qualifications

  • A college or university degree with 1 – 3 years’ professional experience; or no college or university degree with 5 years’ professional experience. If the applicant has a degree it is preferred in Information Security, Computer Sciences, Information Systems, Engineering, Sciences, International Studies, STEM or a related field.
  • Experience with frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK.
  • Experience with TCP/IP, common networking ports and protocols (HTTP, DNS, etc.), traffic flow, system administration, defense-in-depth, and common security elements.
  • Experience with information analysis and the intelligence analysis cycle.
  • Familiarity with developing and curating intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures.
  • Experience with performing technical indicator and TTPs analysis across different platforms and datasets.
  • Commitment to training, self-study and maintaining proficiency in the cyber threat intelligence domain.


Preferred Qualifications

  • Experience in Incident Response, Security Operations or Cyber Threat Intelligence functions.
  • Experience with translating threat intelligence from OSINT and private intelligence reports into custom detections and mitigations across multiple security technologies.
  • Experience in developing detections to aid in the proactive identification of adversary capabilities using various open and closed source platforms.
  • Experience performing automated malware analysis to identify functionality of adversary tools and capabilities.
  • Experience performing data analysis using a Security Information and Event Management (SIEM) system and the creation of queries, alerts, and reports.
  • Experience using a SOAR platform and creating automation playbooks with Python.
  • Experience using structured analytic techniques and identifying biases.
  • Understands attack signatures, tactics, techniques, and procedures associated with advanced threats and the ability to develop relevant alerting and countermeasures.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed