logo inner

Cyber Threat Intelligence Analyst I

CofenseUnited StatesRemote, Onsite

Reporting to the Manager of Intelligence Operations, the Cyber Threat Intelligence Analyst I is responsible for identifying, collecting, analyzing, and documenting the indicators and observables from phishing campaigns and malware binaries to produce actionable, timely intelligence to our broad range of customers.

Essential Duties/Responsibilities


  • Analyze email-based threats, including phishing attempts, spear-phishing campaigns, and social engineering tactics to identify malicious activity.
  • Analyze attachments, links, and payloads associated with phishing emails, identifying and documenting malware and/or credential phishing payloads and associated artifacts.
  • Identify and document indicators of compromise (IOCs) from phishing emails, credential phishing campaigns, and malware samples (e.g., IP addresses, domain names, hashes) for use in identification and remediation efforts.
  • Perform opensource based investigations of credential phishing sites and associated infrastructure.
  • Stay up to date with evolving phishing tactics, techniques, and procedures (TTPs), emerging malware, and cybersecurity best practices.
  • Contribute to analysis reporting on more sophisticated malware and credential phishing, with guidance.
  • Contribute insight to in-depth strategic reporting on attacker trends and TTPs.
  • Author threat assessments that assist customers in understanding threat’s relevance and potential impact.
  • Analyze phishing campaigns and related threats to identify patterns, changes, and anomalies.
  • Other duties as assigned.

Knowledge, Skills and Abilities Required


  • Strong attention to detail and analytical skills.
  • Ability to document findings clearly and concisely.
  • Excellent communication skills, with the ability to document findings clearly and collaborate with cross-functional teams.
  • Self-motivated, eager to learn, and committed to growth in the cybersecurity threat intelligence and analysis field.
  • Ability to work in a fast-paced, team-oriented environment.
  • Basic understanding of email protocols, headers, and related encoding formats.
  • Familiarity with programming and scripting languages (e.g., Python, JavaScript, Visual Basic).
  • Basic understanding of malicious software, malware families, and their behaviors.
  • Basic familiarity with tactics, techniques, and procedures (TTPs) used in phishing campaigns.
  • Quick learner with the ability to adapt to new tools and tradecraft standards.
  • Ability to learn and quickly implement tradecraft standards.
  • Basic knowledge of common malware families, email-based threats, and tactics used in phishing campaigns.

Education and/or Experience:


A Bachelor’s degree in a related field such as Computer Science, Computer Forensics, or Justice Science preferred, but not required.

  • At least 1-2 years of experience in cyber threat intelligence research, analysis, and/or threat correlation is strongly preferred.
  • Knowledge and basic with Linux, Mac, and Windows based OS’s is strongly preferred.
  • Experience with TCP/IP packet capture and investigation software, e.g. Wireshark, HTTP debuggers is preferred.
  • Experience with malware analysis, credential phishing analysis, and/or reverse engineering is a plus.
  • Experience with open-source phishing investigation tools such as: URLScan, Shodan, and VirusTotal is a must.
  • Experience with analyzing email headers, attachments, and links for signs of malicious behavior is strongly preferred.

Life at Cofense

Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. We deliver a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. From driving awareness to security automation and orchestration, our solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. Today this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.
Thrive Here & What We Value1. Committed to equal employment opportunity2. No discrimination on legally recognized basis [protected class]3. Recruitment, Hiring, Training, Compensation, Promotion, Benefits, Discipline adherence4. Right to alter job description at any time without notice5. Commitments in all aspects of employment
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025