Note: The job is a remote job and is open to candidates in USA. Wyndham Hotels & Resorts is one of the largest hotel franchise companies in the world, and they are seeking a Sr. Analyst, Cyber Threat Intelligence to join their team. The role involves supporting the cyber threat intelligence program, conducting research on threat actors, and providing actionable analysis and recommendations.
Responsibilities
- Perform regular threat intelligence research into cybercrime and nation state threat actor tradecraft and produce threat intelligence products and profiles based on defined intelligence Requirements for selected stakeholders. Some of these products will be expected to be automated with human-review
- You will support the planning and maintenance of tooling and automated pipelines to collect, enrich, correlate, and operationalize all-source intelligence into our detection and reporting stack
- You will be expected to assist in the triage and review of security events by analyzing malicious artifacts gathered from forensic workflows using static and dynamic analysis techniques. You will also apply your knowledge of in-the-wild threats and TTPs to provide intelligence context for Security Operations and Detection Engineering personnel during triage and incident response operations
- Work alongside peers involved in Detection Engineering and Incident Response to translate intelligence into applicable detection rules, hunting hypotheses, red team and detection validation scenarios and inform incident context
- Build and maintain external intelligence-sharing relationships with peer organizations, RH-ISAC, and other select partners. Attend conferences, vendor Technical or Customer Advisory Boards and other industry events virtually or in-person
Skills
- 3+ years of hands-on experience in cyber threat intelligence, threat hunting, intrusion analysis or incident response at an organization facing sophisticated cybercrime adversaries
- Are not afraid to bring new ideas to the table and challenge the status quo
- A passion for cybersecurity, someone who enjoys reading industry news or listening to podcasts
- A strong engineering background, you have built computers, managed networks and maybe even coded a few tools yourself, you don't need to hand requirements to someone else to get something built
- A strong foundation in network security, vulnerability exploitation concepts, and technical threat analysis
- Experience with Threat Intelligence Platforms (TIPs) and a working knowledge of technologies for intelligence integration, including their use within a modern Security Operations Center architecture
- Experience with leveraging the MITRE ATT&CK, MITRE D3FEND, CTI-CMM, Cyber Kill Chain, and other relevant security frameworks and applying them to processes and procedures
- Demonstrate organized, focused research habits, know how to leverage various internet tools to find what you need to know, including leveraging AI-assistance
- Are comfortable performing malware analysis, infrastructure analysis, OSINT, and log analysis to develop and validate your own findings
- Ability to break down complex and technical ideas for a non-technical audience
- Formal technical writing skills and personal experience producing finished deliverables for senior leadership which resulted in action
- Comfortable speaking in front of large audiences and leading calls
- Ability to multi-task and manage time is a must
- Have an existing network in the threat intelligence community and a track record of productive bidirectional sharing
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field preferred but not required
- Certifications (SANS, COMPTIA, ISC2 etc) preferred, not required
Benefits
- Health insurance with HSA and FSA options
- Dental insurance
- Vision insurance
- Life/AD&D insurance
- Short- and Long-Term Disability coverage
- 401(k) with generous company match
- Vacation time- Accrue 1.615 hours of paid vacation per week
- Paid holidays- 11 Core Scheduled Paid Holidays with potential additional paid days off as business operations and the calendar permit (e.g. in 2026, there is an additional 7 days of paid company closure).
- Paid sick leave accrued as state and local laws require
- Additional paid time off in the form of one volunteer day, bereavement time, as well as jury duty time.
Company Overview