The Role:
As part of Halcyon’s greater mission “to make ransomware history”, we are expanding our capabilities to include the discovery and analysis of “pre-crime” activity to mitigate ransomware in advance of an attack. To this end, Halcyon is looking for a skilled and experienced intelligence analyst. The Principal Intel Analyst will be responsible for researching, crafting, and conveying analytical products sourced from "on the ground" research into threat actors operating in the cybercrime underground. The successful candidate possesses a solid background tracking cybercrime threat actors and a subject matter expertise of the financially motivated cybercrime underground economy.
Responsibilities:
Identify, research, coordinate, and produce research reports centered around financially-motivated cybercrime threat actors observed in underground forums and marketplaces that are actionable by Halcyon’s pre-crime team
Work independently and within the team to identify new and creative opportunities to research and convey valuable pre-crime assessments to clients
Synchronize and prioritize with the Halcyon pre-crime team research targets to optimize and satisfy clients' Priority Intelligence Requirements (PIR)
Answer specific Requests for Information (RFI) from clients regarding threats or concerns
Help design new and innovative processes and programs to build efficiencies and scalability as the company continues to grow
Skills and Qualifications:
5+ years of experience working in a cyber threat intelligence, cybercrime investigative/analytical, financial fraud analysis, or similar setting
Ability to demonstrate subject matter expertise of financially-motivated cybercrime threats and the underground economy ecosystem (eg. cybercrime forums, marketplaces, enabling services, dump shops, etc.)
Strong understanding of cybercrime threat actors and their tactics, techniques and procedures in the the underground economy ecosystem
Existing access to the underground economy ecosystem with credible and active personas
Familiarity of the technical aspects of malware, botnets, ransomware, and other malicious tools
Exposure to the intelligence cycle in a law enforcement, military, security service, cyber threat intelligence team, or similar setting, ideally on a global level
Experience with link-analysis methodologies and tools (e.g., Maltego or Analysts Notebook)
Good Open Source Intelligence (OSINT) gathering skills
Equally capable of working independently or in a team environment
Excellent written and verbal skills, fluency in English is required
Bonus Skills and Qualifications:
Proven experience as a team leader, particularly in an intelligence analysis role
Experience as a penetration tester or other offensive security professional
Experience as an incident responder with examples of cases handled and their outcomes
Coding skills in python with examples of projects and contributions to past successes
Russian language writing and reading skills, including fluency with relevant slang terms
Benefits:
Halcyon offers the following benefits to eligible employees:
Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
401k plan with a generous employer contribution.
Short and long-term disability coverage, basic life and AD&D insurance plans.
Medical and dependent care FSA options.
Flexible PTO policy.
Parental leave.
Generous equity offering.
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
Base Salary Range: $130,000 - $175,000
Bonus Target: 20%