Junior Cyber Security Intel Researcher (Belfast)
Anomali
Belfast, GB / Onsite/Remote
* Job Type: Full-Time
* Function: Data Science
* Industry: Infrastructure
* Post Date: 03/13/2025
* Website: anomali.com
About Anomali
Anomali offers an industry-leading AI-Powered solution that elevates your security operations and defense capabilities in one platform. We consolidate your tech stack, giving you never-before-seen speed, scale, and performance at a fraction of the cost. Anomali empowers your team and helps you retain talent.
Job Description
Anomali Threat Research (ATR) is the Cyber Threat Intelligence (CTI) team at Anomali. ATR is responsible for conducting OSINT research, intelligence engineering, and data science objectives. We are seeking a passionate Researcher to join ATR to assist in the collection and curation of open source intelligence and help build automation for our Threat Research team.
The researcher will support sample collection and analysis, including developing custom scripts for automation where needed. Responsibilities include handling malware samples, analyzing suspicious files, and identifying malicious behaviors while maintaining strict OPSEC measures. Additionally, they will support ThreatStream false positive triage, ensuring accuracy in threat detections and classifications.
Responsibilities
1. Conduct false positive/negative triage within ThreatStream, ensuring accurate classification and minimal intelligence misattribution.
2. Assist with sample collection and analysis, including handling malware samples, suspicious files, and malicious infrastructure.
3. Develop and refine custom scripts and automation workflows to improve threat analysis and intelligence ingestion.
4. Work with wider teams to research, structure, and publish the semi-annual State of OSINT Report.
5. Contribute to threat detection improvements, including refining behavioral indicators and intelligence structuring.
6. Develop behavioral detections with the Anomali Query Language (AQL).
Required Skills
1. BSc/BEng in Computer Science, Cybersecurity or equivalent experience in lieu of degree.
2. Basic knowledge of malware analysis techniques, including dynamic/static analysis, sandboxing, and unpacking.
3. Experience with triaging False Positives and False Negatives, ensuring accurate threat classifications.
4. Familiarity with scripting languages (e.g., Python, Bash, or PowerShell) to automate malware analysis and intelligence workflows.
5. Understanding of OPSEC principles and secure research practices, particularly in handling malware execution.
6. This position is not eligible for employment visa sponsorship. The successful candidate must not now, or in the future, require visa sponsorship to work at our Belfast location.
Desired Skills
1. Experience with reverse engineering tools such as IDA Pro, Ghidra, or Radare2.
2. Hands-on experience using sandbox environments (e.g., Cuckoo, Any.Run, VMRay, or Joe Sandbox) for malware behavior analysis.
3. Basic understanding of network security concepts, including traffic analysis, PCAP inspection, and C2 detection.
4. Prior experience with Threat Intelligence Platforms (TIPs) such as ThreatStream, MISP, or OpenCTI.
5. Web scraping and automation experience, preferably using Python, to collect and structure intelligence data.
Benefits
* Salary: Competitive Salary
* Medical: Private Healthcare Plan, Dental Plan, Optical Plan
* Work-Life Balance: Paid Public Holidays, Accrued Paid Time Off - 25 days, Quarterly event with your Geographic Team
Equal Opportunities Monitoring
It is our policy to ensure that all eligible persons have equal opportunity for employment and advancement on the basis of their ability, qualifications, and aptitude. We select those suitable for appointment solely on the basis of merit without regard to an individual's disability, race, religion, sex, age, or sexual orientation. Monitoring is carried out to ensure that our equal opportunity policy is effectively implemented.
If you are interested in applying for employment with Anomali and need special assistance or accommodation to apply for a posted position, contact our Recruiting team at [email protected].