Position Description:

Intelligence Analysts/Consultant will work as part of our Professional Services team that partners with Anomali customers. Responsibilities range from analyst support to account onboarding and helping develop and deliver services to operationalize threat intelligence (TI) within client environments. In some cases, this may involve working closely with the client to understand their environment, their areas of deficiency, and what technical and procedural processes can be taken to enable the client to fulfil their threat intelligence programmatic goals and objectives. As part of this effort, the consultant may be involved in a range of efforts from helping provide templated process documents, to help deliver some product training, to potentially create custom scripts to automate a solution, to acting as the “voice of the customer” for our product management and development teams.
Anomali already supports information security teams at some of the most ambitious organizations on the planet. Your days will be spent working closely with those customers to ensure they are effectively using our intelligence services to secure and positively impact business operations. You will be a problem-solving expert discussing new security technology with top companies and serving as the liaison between Anomali and our customers. You must be passionate about technology and great customer experience as well as building world-class security business.


  • Manage the procedural and technical aspects of a client’s threat intelligence program.
  • Understand each customer’s unique threat intelligence goals and field TI process requirements using procedural and technical solutions that incorporate Anomali solutions.
  • Provide analyst support for quick hit product requests as well as formal research reports and customer briefings on threat topics.
  • Develop and deliver product configurations that fulfil intelligence requirements according to customer workflows.
  • Manage activities across multiple clients both onsite and offsite including:

assisting/supporting pre-sales in fielding services questions, delivery of professional services, support for other Anomali CSO operations staffs, assist in product configuration or custom integrations, help train the client in using Anomali’s products and TI processes, and analyst support to ensure customer success.

  • Drive user adoption of Anomali solutions as well as communicate customer requirements and product successes/failures across the organization.
  • Acquire complete command of Anomali products (ThreatStream, Anomali Enterprise, Anomali Link, Universal Link, etc)
  • Occasionally support large and strategic customer pre-sales activities
  • Serve as a coach and trusted advisor to large and strategic Anomali customers
  • Derive and disseminate threat intelligence best practices to help drive customer adoption of Anomali products and services
  • Provide feedback to product management based on field experiences
  • Work closely with our exceptional security engineers and data scientists in Anomali Labs to drive technical requirements for new prototype and tool development.
  • Enhance security tradecraft to identify threats before the adversaries have a strong foothold in organizations.

Required Skills/Experience:

  • BA/BS or equivalent combination of education and experience
  • 3-5+ years of experience as an Intelligence, Information Security Analyst, or SOC Analyst.
  • Experience working and communicating directly with clients
  • Strong troubleshooting, presentation, and consultative skills
  • Comfortable speaking technically with analysts and strategically with senior executives
  • Strong project management skills
  • Strong verbal and written communication skills
  • Strong technical background and ability to speak to engineers, developers and end users
  • Knowledge of enterprise level security operations, business requirements, and inner IT workings
  • Understanding of terminology and tactics employed by threat actors
  • Experience scripting in Python or other scripting languages to enable threat research, malware analysis, or other security-related tasks.

Bonus Skills/Experience:

  • Knowledge of how malware is developed, functions, and is employed
  • Ability to extract technical indicators from malware and/or pcap via tools
  • Has presented at a security or hacking conference.
  • Has an active threat intelligence related blog
  • Has contributed to or released a security tool as open source software
  • Enjoys collaborating and sharing information with the broader security community
  • Experience writing YARA/Snort signatures
  • Prior experience working in startups
  • Experience with ELK, ArcSight, Splunk, IBM QRadar, McAfee Nitro, and/or Hadoop
Travel: Predominately EMEIA: 35-40% Travel
Travel may include but not limited to: customer locations, local user groups, user conferences events, and corporate events.
Comp Plan: Base plus corporate compensation package

About Anomali

Anomali delivers earlier detection and identification of adversaries in your organization’s network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before any material damage to your organization has occurred.