Senior Intelligence Analyst


A full-time team member or employee

Skills and experience needed

5+ years of experience
IT Security

Organization(s) name(s)


Time zone

Monetary compensation

To be defined


Why this opportunity exists

The Splunk Senior Intel Analyst works with the Sr. Manager of Threat Hunting and Intelligence in our fast-growing Splunk Global Security organization. This role may be located in either San Jose or Washington DC. Self-starters will love this job, as you will play an important role in the build-out of the cyber threat intelligence service. You will assist in the collection, analysis, and dissemination of intelligence to support both tactical and strategic internal customers. In addition, you will contribute to the research and publication of various types of scheduled and ad-hoc work products. The nature of the work may occasionally include after-hours intel support during major incidents. A successful analyst will always be excited to learn about new tactics, techniques, and procedures and how threat groups are applying them. Are you self-motivated and passionate about tracking threat actors, including a desire to automate and improve the ingestion of threat data? Do you have previous experience working for the US Intelligence Community or a private-sector threat intelligence organization? Critical thinking and limited bias are necessary for this role, as you will need to advise decision-makers on the best course of action based on often incomplete and subjective information. The Threat Hunting & Intelligence (THI) team is passionate, has fun every day, enjoys a good laugh, but above all else loves to identify and hunt threat actors.


• Tactical intel support for SOC and CIRT missions
• Analysis and processing of intelligence alerting
• Actively tracking threat actor groups
• Research and implement new intelligence sources including open source
• Conduct research supporting RFIs and scheduled work products
• Demonstrate expertise by uncovering adversary activity not detected by our current detection rules
• Apply Diamond model analysis against observed threat actor activity
• Perform both static and dynamic malware analysis as needed
• Actively researching new TTPs from public and internal reporting
• Create compelling internal presentations from the results of your work
• Creation of detailed process documentation

Additional requirements (other than skills)

• Proven experience performing searching and reporting with Splunk
• Experience with both EDR and NSM technologies
• Familiar with Threat Intel Platforms (TIPs)
• Understanding of how DNS, DHCP, Email, and other common services work
• Ability to reduce large datasets into meaningful information
• Ability to tackle problems with no obvious solutions
• Tenacious attention to detail
• Efficient presentation skills for varied audiences including both management and technical
• Eligible to work in the United States without company sponsorship

Language(s) required

English - fully-fluent


Experience in more than one of the following areas is required:

• Directed research and report authoring
• Signature or Indicator development and management
• Incidents involving nation-state and eCrime threat actors
• General log analysis (firewall, proxy, DNS, email, DHCP, VPN, etc)
• Malware analysis
• Geopolitical analysis

Career path

• Bachelor’s degree in computer science, information security, or related discipline or equivalent practical work experience.
• 8+ years professional IT or IT Security experience; or 6 years and a Master’s degree
• 2 years experience as a full-time incident responder, intel analyst or similar role

About the organization(s)

• Splunk Inc. (NASDAQ: SPLK) helps organizations ask questions, get answers, take actions, and achieve business outcomes from their data. Organizations use market-leading Splunk solutions with machine learning to monitor, investigate, and act on all forms of business, IT, security, and Internet of Things data.
• Splunk is the world’s first Data-to-Everything Platform. Now organizations no longer need to worry about where their data is coming from, and they are free to focus on the business outcomes that data can deliver. Innovators in IT, Security, IoT, and business operations can now get a complete view of their business in real-time, turn data into business outcomes, and embrace technologies that prepare them for a data-driven future.

Team culture

We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

Additional details

• Location: US Remote Available

Agreement type


Posted: June 24, 2020 02:51 AM

Juan Camilo Martínez Benavides Verified
independent recruiter