Security Intelligence Analyst

With RiskIQ, Inc. in San Francisco CA US

More jobs from RiskIQ, Inc.

Posted on June 08, 2019

About this job

Location options: Paid relocation
Job type: Full-time
Experience level: Mid-Level, Senior
Role: System Administrator


security, python

Job description

RiskIQ is the world leader in Attack Surface Management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 80 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action to protect business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, and MassMutual Ventures.

We are looking for a RiskIQ is looking for an intelligence analyst to join our team in San Francisco, Kansas City, or Remotely.

Role Overview
RiskIQ’s Security Intelligence Fusion Team’s objective is to delivers tactical intelligence to RiskIQ customers based on research into both threats and vulnerabilities impacting our customer base. The analyst will leverage RiskIQ data to surface suspicious and interesting events to highlight potential vulnerabilities that attackers could leverage as avenues of attack across our customer bases attack surface. In addition the analyst will research and track new and ongoing attack campaign to provide actionable threat intelligence to our customers and in our platforms. 

Your responsibilities will include:

  • Apply your analytical knowledge and understanding of threat actors and attack vectors to proactively surface, analyze, and investigate malware, phishing, mobile, brand, vulnerability, and threat incidents to deliver tactical threat intelligence to RiskIQ’s customer base
  • Build off open source intelligence (OSINT) reporting to provide customers focused intelligence via RiskIQ’s platform in the form of indicators of compromise, threat intelligence projects and attack surface insights.
  • Produce short form intelligence deliverables for use in customer briefings, trainings, and public facing blog posts
  • Leverage the RiskIQ global collection grid to deliver intelligence reports on emerging threats and security trends
  • Enable & increase RiskIQ’s on going detection efforts by discovering unique attack attributes, building custom detection rules, and surfacing new and ongoing attack campaigns
  • Assist in training our detection models to identify malicious webpages and mitigating false positives across our detection mechanisms
  • Ability to work across a cross functional and distributed team of engineers, data scientists, security researchers, and analysts to deliver new capabilities and reporting


  • Minimum of 3 experience security operations and threat intelligence experience
  • Highly motivated analyst with the ability to deliver in a fast-paced, self directed environment
  • Analytical mindset and passion for digging through data to surface events of interest
  • Excellent verbal, written, and interpersonal communications skill with the ability to concisely communicate and present technical and analytical findings across a broad spectrum of customers

Desired Experience

  • Experience developing scripts and tools to enable analysis to query large data sets using python or other scripting languages
  • Ability to conduct malware analysis and analyze network traffic associated with advanced attack campaigns

Apply here