Job Title: Data Analyst
Experience: 2+ Years
Location: New Delhi
Employment Type: Full-time (On-Site)
About the Role
We are looking for a highly skilled and analytically driven Cyber Threat Intelligence & OSINT Analyst to join our security operations team. The ideal candidate combines deep expertise across cyber threat intelligence, open source intelligence, dark and deep web investigations, social media analysis, brand monitoring, and threat intelligence platform management. You will serve as a key intelligence resource — collecting, analyzing, and delivering actionable intelligence that enables the organization to detect, respond to, and stay ahead of evolving threats across every corner of the digital landscape.
Key Responsibilities
Threat Intelligence Platform Management & IOC Operations
- Manage, maintain, and optimize OpenCTI including connectors, ingestion pipelines, and data quality
- Ingest, normalize, and enrich IOCs from multiple intelligence sources into the threat intelligence platform
- Build and maintain IOC repositories, threat actor profiles, and intelligence feeds
- Automate IOC ingestion workflows and integrate feeds with SIEM and other security tools
- Operate threat intelligence platforms including Recorded Future, DarkOwl, CloudSEK, and open-source feeds to gather and correlate actionable intelligence
- Ensure platform health, uptime, and continuous improvement of intelligence data quality
Cyber Threat Intelligence
- Monitor global cyber threat activity, emerging attack trends, threat actor campaigns, and adversary TTPs in real time
- Track ransomware groups, data breaches, credential leaks, third-party risks, and cyber criminal activity targeting the organization
- Correlate threat intelligence with SOC alerts and security events to enrich investigation context and prioritize response
- Support incident response teams with timely, actionable intelligence during active security incidents
- Track and map threat actor behavior using the MITRE ATT&CK framework
- Prepare intelligence reports, executive summaries, and strategic threat assessments for internal stakeholders
Deep & Dark Web Analysis & Investigation
- Conduct proactive dark web, deep web, and surface web monitoring for threats targeting the organization and its assets
- Investigate threat actor activity, leaked credentials, stolen data, ransomware postings, and underground forum discussions
- Monitor dark web marketplaces, Telegram channels, paste sites, and illicit communities for relevant intelligence
- Identify and track emerging threat campaigns, malware distribution, and exploitation trends
- Document and report findings with context, attribution where possible, and recommended mitigation actions
OSINT Research & Digital Investigations
- Conduct comprehensive open source intelligence collection across the surface web, social media, forums, paste sites, code repositories, and public databases
- Identify, track, and profile threat actors, persons of interest, organizations, and online communities using open source methods
- Perform digital footprint analysis on individuals, organizations, domains, IP addresses, and infrastructure
- Utilize advanced search techniques, Google dorking, and OSINT frameworks and tools including Maltego, Shodan, SpiderFoot, Recon-ng, and theHarvester
- Collect and preserve digital evidence in a forensically sound manner for investigation and reporting purposes
- Map relationships, infrastructure, and operational patterns of threat actors and adversary groups
Social Media Analysis & Monitoring
- Monitor major social media platforms including LinkedIn, X/Twitter, Facebook, Instagram, Telegram, Discord, TikTok, and others for threats, misinformation, and malicious activity
- Identify and investigate fake accounts, impersonation profiles, coordinated inauthentic behavior, and influence operations
- Track hacktivist groups, threat actors, and extremist communities using social media for operational coordination or target reconnaissance
- Detect and report on social engineering campaigns, phishing lures, and scam operations propagated through social channels
- Conduct in-depth social media investigations and map connections between individuals, groups, and online communities
- Monitor geopolitical developments and nation-state threat actor behavior on social platforms relevant to the organization
Brand Monitoring & Digital Risk Protection
- Monitor digital channels for brand impersonation, phishing domains, fake social media profiles, and typosquatting
- Track unauthorized use of company assets, executive names, and sensitive information across online platforms
- Coordinate with relevant teams to initiate takedowns and mitigate brand-related threats
- Maintain a brand threat register and report on trends, incidents, and recommended actions regularly
- Support due diligence investigations on individuals and organizations using open sources and social media
Reporting & Intelligence Dissemination
- Produce clear, well-structured intelligence reports, investigation summaries, incident reports, and executive briefings for technical and non-technical audiences
- Maintain investigation logs, source documentation, and evidence records in accordance with operational standards
- Collaborate with SOC, incident response, brand, and communications teams to share intelligence and support cross-functional investigations
- Present findings and recommendations to stakeholders in a concise and actionable format
- Continuously improve intelligence processes, workflows, reporting templates, and automation capabilities
Required Skills & Experience
- Minimum 2 years of experience in Cyber Threat Intelligence, OSINT, SOC, digital investigations, or related cybersecurity functions
- Hands-on experience with OpenCTI or similar Threat Intelligence Platforms (TIPs)
- Practical experience with IOC ingestion, enrichment, and lifecycle management
- Working knowledge of Recorded Future, DarkOwl, CloudSEK, or equivalent intelligence platforms
- Proficiency in dark web and deep web investigation techniques and access methods
- Strong proficiency in OSINT tools and frameworks including Maltego, Shodan, SpiderFoot, Recon-ng, theHarvester, or similar
- Experience conducting social media investigations and monitoring across major platforms
- Knowledge of advanced search techniques including Google dorking and specialized search engines
- Understanding of network infrastructure concepts including WHOIS, DNS, IP geolocation, and passive DNS analysis
- Familiarity with brand monitoring and digital risk protection concepts and tools
- Strong understanding of MITRE ATT&CK framework, IOC/TTP analysis, and threat actor profiling
- Ability to collect, preserve, and document digital evidence appropriately
- Strong analytical and critical-thinking skills, with close attention to detail
- Ability to produce clear and concise intelligence products for varied audiences
Preferred Qualifications
- CTIA, GCTI, OSCP, CEH, Security+, or equivalent certifications
- Experience with link analysis and visualization tools such as Maltego or i2 Analyst's Notebook
- Experience with SIEM, EDR, malware analysis, or digital forensics tools
- Familiarity with Python or scripting for OSINT and intelligence automation
- Prior experience with takedown processes and digital risk protection platforms
- Experience with social media monitoring tools such as Brandwatch, Meltwater, or similar
- Experience supporting legal, fraud, or law enforcement investigations
- Proficiency in a second language is an advantage for monitoring non-English sources
Why Join Us
- Work with cutting-edge threat intelligence platforms, OSINT tools, and dark web monitoring capabilities
- Be part of a team that stops threats before they become incidents
- Exposure to real-world investigations spanning dark web, social media, brand protection, and cyber threat intelligence
- Collaborative and fast-paced security operations environment with cross-functional team exposure
- Opportunity to develop expertise across a broad range of digital intelligence and investigation disciplines
If you have a hunter's mindset and a researcher's curiosity, and are passionate about tracking threats across every corner of the internet before they strike, we want to hear from you.
Pay: ₹350,000.00 - ₹500,000.00 per year
Application Question(s):
- Hands-on experience with OpenCTI or similar Threat Intelligence Platforms (TIPs)
Experience:
- Cyber Threat Intelligence: 1 year (Required)
Work Location: In person