Lead Cyber Threat Intelligence Analyst

TRM Labs

TRM Labs provides a blockchain intelligence platform to help organizations investigate, monitor, and detect crypto and digital asset fraud and financial crime. They serve government agencies, financial institutions, and crypto businesses worldwide.

Distributed
About TRM Labs

TRM Labs provides a next-generation blockchain intelligence platform designed to investigate, monitor, and detect crypto and digital asset fraud and financial crime. The platform features extensive asset coverage, supporting over 200 million assets across more than 41 blockchains, including NFTs and DeFi protocols. It offers cross-chain analytics to trace the flow of funds seamlessly between different blockchains and utilizes over 150 risk categories, including FATF's money laundering predicate offenses, for customized risk scoring. TRM's data is built from a large, proprietary database of illicit activity combined with advanced data science. The company serves a global client base, including government agencies, financial institutions, and crypto businesses, helping them to safeguard the crypto financial system, maintain high standards for AML/CFT compliance, and build trust in digital assets.

About the Role

As a Lead Cyber Threat Intelligence Analyst, you will conduct ad hoc investigations and time-sensitive blockchain analyses for clients and develop scalable analytic solutions. You will produce finished cyber threat intelligence, including actor profiles, campaign reports, IOC packages, and infrastructure attributions. You will triage large indicator sets, correlate technical indicators with OSINT and infrastructure patterns, and provide timely, high-confidence intelligence products and briefings. You will help evaluate new analytical tooling and contribute to better investigation workflows and repeatable methods.

Requirements

  • 8+ years of experience in cyber threat intelligence, intelligence analysis, incident-driven investigations, or a closely related analytical field, with at least 1+ years of experience in a people lead/manager role
  • Demonstrated experience producing finished intelligence products such as actor profiles, campaign reports, attribution assessments, or infrastructure mapping
  • Deep familiarity with cyber investigations, infrastructure attribution, campaign analysis, and actor profiling
  • Strong OSINT instincts and the ability to resolve identities, aliases, and behavior across fragmented sources
  • The ability to connect technical findings to financial infrastructure, including wallets, laundering paths, sanctions exposure, or identity-linked leads, when relevant to the investigation
  • Excellent judgment about analytical confidence, evidentiary strength, and what can or cannot be defended in a report, referral, or operational setting
  • A track record of leading complex investigations, improving workflows, and helping other analysts do better work
  • Excellent written and verbal communication skills, with the ability to package findings for technical and non-technical audiences alike
  • Comfort operating in a fast-paced environment where priorities can change quickly and ambiguity is normal
  • AI fluency is required

Responsibilities

  • Produce finished cyber threat intelligence, including actor profiles, campaign reports, IOC packages, infrastructure attributions, and evidence-ready analytical outputs
  • Lead complex investigations from seed indicators such as domains, IPs, hashes, aliases, or wallets through to attributed actors, clusters, or campaign pictures
  • Correlate technical indicators with OSINT, identity signals, infrastructure patterns, and financial rail activity to build a fuller understanding of adversary behavior
  • Triage large indicator sets, clusters, and infrastructure, and turn fragmented signals into clear, defensible findings that stakeholders can act on immediately
  • Support incident responders, threat hunters, investigators, leadership, and external partners with timely, high-confidence intelligence products and briefings
  • Help evaluate and operationalize new analytical tooling by pressure-testing it on real workflows and identifying where it meaningfully reduces analyst effort
  • Contribute to better investigation workflows, analytic standards, and repeatable methods that increase analyst throughput without sacrificing rigor