Why Join Us
Check Point Infinity External Risk Management, otherwise known as Cyberint, continuously reduces external cyber risk by managing and mitigating an array of external cyber security threats with one unified solution.
We are looking for a
Cyber Threat Intelligence Data Analyst to be an integral part of our Services Intelligence teams, combining both cutting-edge technology and advanced threat intelligence analysis methodologies to deliver high-impact briefings to ERM customers.
We are looking for a proactive and detail-oriented Threat Intelligence Support Analyst to join our Threat Intelligence (TI) team. This role focuses on maintaining, correcting, and improving the quality of intelligence data within our OpenCTI platform -ensuring accuracy, consistency, and operational reliability across intelligence workflows.
You will work through incoming tickets, run validation playbooks, correct inconsistent or corrupted records, enrich missing information, and support TI analysts by keeping the platform clean, structured, and actionable.
Key Responsibilities
- Review, validate, and correct data issues within OpenCTI, including malformed/incomplete indicators, incorrect entity relationships, missing or inaccurate fields, and duplicated or stale records
- Execute structured validation playbooks and enrichment workflows
- Manage multiple tickets and tasks simultaneously while maintaining data quality standards
- Support TI analysts by ensuring platform data is accurate and operationally reliable
Qualifications
- Understanding of core TI concepts: IOCs, malware types, TTPs, campaigns, and enrichment sources
- Knowledge of the MITRE ATT&CK framework
- Basic knowledge of cybersecurity fundamentals (domains, IPs, URLs, file hashes)
- Familiarity with JSON structures and basic data modeling
- Strong attention to detail with an analytical mindset -ability to identify patterns and inconsistencies
- Ability to follow structured playbooks and manage multiple tasks simultaneously
- Hands-on experience with OpenCTI or other TIPs (MISP, Anomali, EclecticIQ, Recorded Future, etc.)
- Familiarity with API-based data ingestion or enrichment
- Experience with Python or automation tools
- Background in SOC, threat intelligence, security analysis, or incident response
