CTI Analyst
Position Title:
CTI Analyst (Threat Intelligence Analyst)
Position Type:
Full-Time / Exempt
Clearance:
U.S. Citizenship Required; Background Check Required (Active Clearance Preferred)
Location:
Huntsville, AL / Remote
SOC Code:
Salary*:
$85,000-$115,000
Department:
Security Operations (MSSP)/Marketing
* Dependent upon qualifications
Summit 7 is here to rise above the ordinary. The work we do here goes far beyond day-to-day projects - it further protects the US defense industrial base from cyber threats, fosters thought leadership and creates growth opportunities. Our support staff, sales team and technicians are all coming together to make a difference. We also recognize that you're a person with a life beyond work; that's why we invest in these meaningful health and welfare benefits:
• Excellent health/dental benefits from BCBS and Ameritas
• See into the future with our luxurious VSP vision benefits
• Prepare for the long-haul courtesy of our 401k with company matching
• Unlimited mobile phone plan
• 10 days' vacation, 7 days sick time
• Bonuses and salary increase potential via our certifications plan
We do cool work here, defying expectations by simply being who we are - each of us makes an impact.
Essential Functions
Summit 7 Systems is seeking a talented, mid-level Threat Intelligence Analyst with a strong computer science foundation to transform SOC telemetry into actionable intelligence products. This role uniquely bridges deep technical analysis with strategic communication, producing high-quality threat intelligence reports for marketing initiatives while supporting Vigilance SOC operations.
The ideal candidate combines technical depth with exceptional analytical thinking and strong written communication skills.
Join our team and help transform raw security data into intelligence that protects critical infrastructure while advancing the cybersecurity community's understanding of emerging threats.
Primary Responsibilities
Intelligence Production (40%)
• Analyze security incidents across 100+ enterprise clients to identify trends and patterns
• Produce monthly public-facing threat landscape reports
• Create industry-specific intelligence briefs (DIB, Construction, Education)
• Develop technical indicators and detection signatures
• Author threat actor profiles and campaign analyses
• Configure and maintain OSINT and commercial threat intelligence feeds
• Integrate MISP with Microsoft Sentinel and SOC tooling
Technical Analysis (30%)
• Correlate alerts in Microsoft Sentinel across multiple tenants
• Enrich indicators using Pulsedive API and custom scripts
• Develop Python automation for data collection and analysis
• Query MISP for historical threat patterns
• Create data visualizations and statistical models
SOC Integration (20%)
• Collaborate with SOC analysts to identify noteworthy incidents
• Translate technical findings into executive-level summaries
• Create and maintain event templates for common threats
• Develop automation scripts for indicator processing
• Generate intelligence reports and statistics
• Develop KQL queries for proactive threat hunting
• Support incident response with intelligence context
• Maintain and expand the threat intelligence knowledge base
External Communication (10%)
• Partner with marketing to publish intelligence reports
• Present findings at industry conferences
• Engage with the threat intelligence community
• Support sales with technical expertise
• Respond to media inquiries regarding emerging threats
Job Specifications
Required Qualifications / Experience
• 3-5 years of experience in cybersecurity, threat intelligence, or SOC operations
• 1-2 years of hands-on experience with MISP
• Experience managing databases on Linux servers
• Understanding of REST APIs and JSON data formats
• Demonstrated experience producing written intelligence products
• Background in data analysis and visualization
Technical Skills
• Programming: Python (required); experience with pandas, matplotlib, Jupyter notebooks
• Query Languages: KQL, SQL, Splunk SPL
• Data Analysis: Statistical analysis, pattern recognition, anomaly detection
• APIs: REST API integration and JSON manipulation
• Platforms: Microsoft Sentinel, MISP, Git, GitHub Enterprise
• Visualization: Power BI, Sentinel Workbooks, or similar tools
Analytical Skills
• Strong understanding of the Cyber Kill Chain and MITRE ATT&CK framework
• Experience with structured analytic techniques
• Ability to identify patterns in large datasets
• Strong critical thinking and hypothesis development skills
Preferred / Desired Qualifications
• Bachelor's degree in Computer Science, Cybersecurity, or related field
• Experience in defense contractor or government environments
• Published threat intelligence research or blog posts
• Contributions to open-source security projects
• Certifications such as GCTI, CySA+, GIAC, or similar
• Security+ (DoD 8570 IAT Level I required)
• CompTIA Linux+ or LPIC
• Experience with machine learning for threat detection
• Familiarity with CMMC and NIST frameworks
• Active security clearance
Key Competencies
Technical Excellence
• Automate repetitive analysis tasks
• Build scalable data processing pipelines
• Create reusable analysis frameworks
• Maintain high accuracy in technical details
Communication Skills
• Translate complex technical concepts for diverse audiences
• Write clear, concise intelligence products
• Present complex data visually
• Brief executives and technical teams effectively
Strategic Thinking
• Understand the business impact of cyber threats
• Anticipate emerging threat trends
• Connect tactical indicators to strategic risks
• Balance technical depth with accessibility
Sample Projects You'll Work On
• Automated Threat Report Generator
  • Build a Python pipeline to process weekly SOC data
  • Generate statistics and trend analysis
  • Output formatted reports for marketing distribution
• Industry Threat Dashboards
  • Create Power BI dashboards by vertical
  • Develop real-time threat metrics from Sentinel
  • Deliver executive-friendly visualizations
• Attribution Framework Development
  • Design methodology for threat actor tracking
  • Build correlation algorithms
  • Maintain actor profile database
Application Instructions
Please submit:
• Resume highlighting relevant programming and analytical experience
• Writing sample (blog post, report, or technical analysis)
• Brief description of your most impactful intelligence finding
LLM use during the interview/screening process is prohibited.
Export Control Notice: This position may involve access to information subject to U.S. export control laws, including the International Traffic in Arms Regulations (ITAR) or the Export Administration Regulations (EAR). Qualified applicants will be considered regardless of national origin or immigration status. If a candidate does not meet the definition of a "U.S. Person" (as defined in 22 CFR § 120.15), the company will assess whether an export license is required. If a license is required, any offer of employment will be contingent upon the candidate's eligibility for, and the company's ability to obtain, such a license in accordance with U.S. law. A "U.S. Person" includes U.S. citizens, lawful permanent residents, asylees, and refugees.
Work Conditions
Work is typically performed in an office environment. Must be able to remain in a stationary position for extended periods of time. The person in this position may need to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer. May occasionally need to position self to maintain computers, including under the desks and in the server closet. The person in this position frequently communicates with employees and clients. Must be able to exchange accurate information in these solutions.
Summit 7 Systems is an equal opportunity/affirmative action employer and an alcohol- and drug-free workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Summit 7 Systems requires background investigations. Any offer of employment is contingent upon the results of a reference/background check. We are a drug and alcohol-free workplace and require pre-employment drug screening.
Remote
About the Company:
Summit 7 Systems