Senior Cyber Threat Intelligence Analyst (Hybrid)
Relocation
Job Description
This position is responsible for collecting, analyzing, and disseminating cyber threat intelligence to protect systems, data, and operations. The Cyber Threat Intelligence (CTI) Analyst collaborates with information security and technology teams to deliver actionable insights in a dynamic threat landscape. This role supports proactive defense strategies and response planning through intelligence-driven decision-making.
Position Compensation Range
$97,000.00 - $164,000.00
Pay Rate Type
Salary
Compensation may vary based on the job level and your geographic work location. Relocation support is offered for eligible candidates.
Key Responsibilities
- Collect, analyze, and disseminate tactical and operational cyber threat intelligence to support security operations.
- Monitor and assess internal and external sources—including Threat Intelligence Platforms (TIPs), Open Source Intelligence (OSINT), commercial intelligence feeds, and industry sharing groups—for emerging threats, indicators of compromise (IOCs), and adversary tactics, techniques, and procedures (TTPs).
- Map observed threat behaviors and intelligence findings to the MITRE ATT&CK framework to enhance detection and response capabilities.
- Enrich Security Operations Center (SOC) and Enterprise Vulnerability Management (EVM) workflows with timely, actionable intelligence to drive proactive defense measures.
- Support incident response activities by integrating contextual threat intelligence into investigations, response actions, and playbook development.
- Assist in the development and refinement of threat models, detection logic, and adversary tracking frameworks to strengthen organizational security posture.
- Participate in and contribute to tabletop exercises, red/blue team engagements, and the ongoing development of incident response playbooks.
- Continuously evaluate and improve intelligence collection processes, analytical tools, and knowledge management practices to ensure operational excellence and adaptability.
- Demonstrated experience providing customer-driven solutions, support or service.
- Advanced knowledge of security analysis processes and standards for conducting and reporting security analysis to stakeholders.
- Extensive knowledge and understanding of IT Risk Management and/or Information Systems Auditing.
- Extensive knowledge and understanding of IT risk and control frameworks.
- Demonstrated experience conducting IT risk and control assessments.
- Extensive knowledge and understanding of IT risk management and reporting.
- Solid knowledge and understanding of risk management methods, standards, processes, governance models, and industry standard risk analysis approaches.
- Minimum 5 years of professional experience in cyber threat intelligence, security operations, or related cybersecurity roles.
- Deep understanding of cyber threat intelligence frameworks, including MITRE ATT&CK, Diamond Model, and Cyber Kill Chain.
- Hands-on experience with threat intelligence platforms (TIPs) and integrating threat data into SOC, IR, or vulnerability management workflows.
- Proficiency with scripting languages (e.g., Python, PowerShell) and data analysis tools to automate intelligence enrichment and analysis.
- Proven ability to produce clear, concise, and actionable intelligence reports, alerts, and briefings for technical and non-technical audiences.
- Strong critical thinking, investigative, and problem-solving skills, with experience applying structured analytic techniques (e.g., link analysis, hypothesis testing).
- Effective collaborator with cross-functional teams, contributing to shared intelligence processes and operational improvements.
- Ability to prioritize and manage multiple tasks in a dynamic, fast-paced environment.
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field required, or equivalent work experience.
- Relevant industry certifications strongly preferred (e.g., GIAC Cyber Threat Intelligence [GCTI], Certified Information Systems Security Professional [CISSP], GIAC Security Essentials [GSEC], Certified Ethical Hacker [CEH], or equivalent).
- Up to 10%
- Offer to selected candidate will be made contingent on the results of applicable background checks
- Offer to selected candidate is contingent on signing a non-disclosure agreement for proprietary information, trade secrets, and inventions
- Sponsorship will not be considered for this position unless specified in the posting
- In this hybrid role, you will be expected to work a minimum of 10 days per month from the office. Candidates should reside within approximately 35-50 miles of one of the following office locations: Madison, WI 53783; Boston, MA 02110
We are an equal opportunity employer. It is our policy to comply with all applicable federal, state and local laws pertaining to non-discrimination, non-harassment and equal opportunity. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
American Family Insurance is committed to the full inclusion of all qualified individuals. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please email AskHR@AmFam.com to request a reasonable accommodation.