Conduct research on emerging cyber threats, adversary activity, and global threat trends
Collect, analyze, and synthesize data from a variety of technical and open sources to produce actionable intelligence
Support tracking of threat actor infrastructure, campaigns, and evolving tactics, techniques, and procedures (TTPs)
Monitor and assess Chinese-language sources to identify relevant threat activity and insights
Contribute to the production of high-quality intelligence reporting for internal and external stakeholders
Assist in identifying and developing indicators and detection opportunities
Collaborate with cross-functional teams, including other intelligence, engineering, and data science teams
Continuously develop technical expertise and stay current on evolving threat landscapes and tradecraft
Requirements
BA/BS or equivalent experience in Computer Science, Information Security, Intelligence, Security Studies, or a related field
1-2 years of experience in Threat Intelligence, Cybersecurity, or a related discipline (including internships or academic research)
Foundational understanding of cyber threat analysis and intelligence methodologies
Basic knowledge of networking concepts, including TCP/IP, DNS, and internet infrastructure
Experience or familiarity with analyzing technical artifacts such as domains, IP addresses, and related metadata
Familiarity with OSINT collection and analysis techniques
Exposure to common CTI tools and workflows (e.g., Jupyter Notebook, Maltego, Elastic Stack, or similar platforms)
Understanding of structured analytic techniques and frameworks such as MITRE ATT&CK, the Cyber Kill Chain, or the Diamond Model
Strong analytical, problem-solving, and critical thinking skills
Effective written and verbal communication skills, with the ability to convey technical concepts to diverse audiences
Ability to work collaboratively in a fast-paced, globally distributed team environment
Required:
Professional working proficiency in Chinese, with the ability to read, analyze, and synthesize native-language sources
Experience analyzing financially motivated cyber activity, including phishing, scams, or account compromise
Basic scripting or programming experience (Python preferred) for data analysis or task automation
Familiarity with underground ecosystems such as forums, marketplaces, or messaging platforms (e.g., Telegram)
Understanding of payment systems, cryptocurrency usage, or fraud-related typologies
Experience working with threat intelligence datasets or large-scale data analysis
Exposure to detection development or identifying indicators of malicious or suspicious activity
Working knowledge of Russian is a plus
#LI-Remote
Why should you join Recorded Future?
Want more info?
Blog & Podcast : Learn everything you want to know (and maybe some things you'd rather not know) about the world of cyber threat intelligence
Linkedin , Instagram & Twitter : What's happening at Recorded Future
The Record : The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline : History of Recorded Future
Recognition : Check out our awards and announcements
We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles. By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.
If you need any accommodation or special assistance to navigate our website or to
Benefits
Dental insuranceVision insurance401(k)Paid time offRemote work optionsEquity / stock options
Additional Information
With 1,000+ intelligence professionals serving over 1,900 clients worldwide, Recorded Future is the world's most advanced, and largest, intelligence company!
Recorded Future provides intelligence that 1,500+ clients use to defend their people and networks from cybersecurity threats. We are looking for a Fraud Analyst to join our Threat Intelligence team!
Recorded Future · Boston, MA