Analyst, Cyber Threat Intelligence

Analyst, Cyber Threat Intelligence Location: Cape Town, Western Cape, South Africa About S-RM S-RM is a global intelligence and cyber security consultancy. Since 2005, we help demanding clients solve tough information security challenges. Team and Culture We invest in people’s wellbeing, learning, and ideas. We value curiosity, critical thinking, and success. Working in Cyber Our Cyber Security division is fastest-growing. Incident Response and Managed Services are in high demand. We empower ideas, encourage collaboration, and build a diverse team of analysts, specialists, devs, investigators, and risk managers. Role Overview Cyber Threat Intelligence (CTI) is integral to our Incident Response and Managed Services practices. As a CTI analyst, you will partner across the full intelligence cycle to help clients respond, recover, and stay ahead of evolving threats. Responsibilities Track developments in ransomware and cybercrime ecosystems; write and update threat actor profiles shared with clients and published externally. Monitor leak sites and negotiation portals; inform case leads of developments; research sanctions exposure for threat actors. Conduct dark web research and manage monitoring engagements; assist with renewals. Collate technical indicators of compromise (IOCs) from global IR team; enrich, classify, and disseminate across organization. Ensure accurate incident data collection; manage dataset; produce trend reports for presentations and training. Assist in in-depth investigations with strong threat intelligence component; draft client-facing reports. Trace ransom payments with specialist tools; identify sanctions exposure; draft findings for clients. Contribute to public write-ups and presentations on vulnerabilities, trends, and threat actor techniques. Grow and share domain expertise through internal initiatives and programs. Support business development by cultivating relationships with external partners; identify opportunities. Other Features of the Role Variety of casework: respond to a wide range of incidents for public and corporate clients. Range of opportunities: broaden security awareness into testing and advisory projects while deepening CTI and IR expertise. Flexible working practices: high-pressure incident work balanced with wellbeing support. Qualifications Excellent written and verbal communication skills; clear concise reports. Strong analytical and problem-solving skills; work with incomplete or ambiguous information. Understanding of foundational cyber concepts; common attack vectors and threat actor motivations. Understanding of core intelligence concepts; lifecycle, requirements gathering, tactical/operational/strategic outputs. Demonstrated interest in cyber threats; financially-motivated activity such as ransomware and extortion. Preferred Skills Academic or professional background in research-focused discipline. Familiarity with cybersecurity fundamentals; threat actor TTPs, IOCs, frameworks (MITRE ATT&CK). Ability to contextualize findings into business-relevant assessments. Experience with OSINT and threat intelligence platforms (VirusTotal, Shodan, MISP, Recorded Future). Personal Attributes Investigative mindset and enthusiasm for investigations. Exceptional attention to detail when examining indicators and adversary behaviors. Collaborative mindset; willingness to work across teams. Ability to thrive under pressure; prioritize multiple tasks; meet short deadlines. Self-starter; initiative; ownership of work; identify opportunities to enhance S-RM cyber capabilities. Benefits We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside of work. Holiday – 23 days per year increasing to 28 days (+1 day for every year you worked at S-RM, up to 5 days). Gap Cover policy – bridge gap between medical bills and medical aid cover. Hybrid working and flexible working hours. Private pension – up to 7% contribution matched by the company. Life Insurance 4X annual salary. Parental Support Fertility treatment leave – 5 days per cycle of treatment per year. Maternity leave – 26 weeks full pay followed by 13 weeks half pay. Paternity leave – 6 weeks full pay. Various Health and Medical Benefits including Discovery Health medical aid for employee, partner, and children; EAP programme; Headspace mindfulness app. Application Process Initial screening by recruiting team. Interview to assess technical skills. Interview to discuss experience, broader competencies, and suitability for the role. Seniority Level Entry level Employment Type Full-time Job Function Other, Information Technology, and Management Industries Security and Investigations Referrals increase your chances of interviewing at S-RM by 2x #J-18808-Ljbffr