Threat Intelligence Analyst

Who We Are!

Back in 2019, spiderSilk was born with a bold idea: build regional, sovereign cybersecurity IP that could stand tall on the global stage.

Our mission? To shake up the way organizations protect their ever-changing digital worlds with continuous, intelligent, and autonomous security that doesn't miss a beat.

We're a global mix of curious minds, problem-solvers, and passionate builders, all united by one goal: making the internet a safer place for everyone. Around here, we thrive on vision, energy, and a strong sense of ownership.

If this feels like your kind of crew, you'll probably fit right in.

About the Role:

As a Threat Intelligence Analyst specializing in Dark Web research, you will play a vital role in uncovering and analyzing threat actor activity across deep and dark web ecosystems. You'll be responsible for collecting, validating, and contextualizing intelligence from hidden forums, marketplaces, and communication channels to inform spiderSilk's clients and product teams.

This role requires investigative rigor, a strong understanding of underground communities, and the ability to convert raw intelligence into actionable insights for both internal stakeholders and enterprise clients.

Responsibilities:

• Monitor and investigate activity across dark web forums, marketplaces, encrypted messaging platforms, and other covert channels.
• Track threat actor behavior, campaigns, and emerging TTPs (tactics, techniques, and procedures).
• Collect, tag, and analyze relevant data including leaks, malware distribution, initial access sales, and exploit trade.
• Produce high-quality intelligence reports, alerts, and briefings tailored to both technical and executive audiences.
• Work with product, research, and exposure teams to enrich findings with external data and client relevance.
• Maintain strong operational security (OPSEC) protocols during intelligence gathering and engagement.

Requirements:

• 2-4 years of experience in threat intelligence or cyber investigations, with a focus on dark web or underground threat monitoring.
• Strong knowledge of dark web platforms such as TOR, I2P, and decentralized forums.
• Familiarity with OSINT techniques, operational tooling (e.g., Maltego, Recon-ng), and data enrichment strategies.
• Ability to recognize and interpret threat actor behavior, indicators of compromise (IOCs), and relevant geopolitical or industry trends.
• Solid writing and analytical communication skills, with the ability to create both tactical alerts and strategic reports.

Preferred Qualifications:

• Experience conducting HUMINT or dark web engagement in a secure and ethical manner.
• Foreign language skills relevant to threat actors (e.g., Russian, Arabic, Mandarin) are a significant advantage.
• Familiarity with cybercrime ecosystems (initial access brokers, ransomware affiliates, data extortion groups).
• Previous experience supporting law enforcement, CTI platforms, or security product development is a plus.
• Certifications such as GIAC GCTI, CREST CTIM, or other intelligence-specific training.