Threat Intelligence Analyst

About spiderSilk

Founded in 2019, spiderSilk set out to create sovereign cybersecurity technology from the region for the global market. The company focuses on continuously adapting, intelligent, and autonomous security that helps organizations protect fast-changing digital environments.

It is a global team of builders, analysts, and problem-solvers who value curiosity, ownership, and momentum. The organization is driven by the goal of making the internet safer for everyone.

Role overview

The Threat Intelligence Analyst will focus on dark web intelligence gathering and analysis. The position involves researching threat actor activity across hidden forums, marketplaces, and private communication channels, then turning that information into usable intelligence for clients and internal teams.

This role calls for strong investigative skills, familiarity with underground ecosystems, and the ability to convert raw observations into clear, practical insights for technical teams as well as business stakeholders.

Key responsibilities

• Observe and investigate activity across dark web forums, marketplaces, encrypted channels, and other concealed communication spaces.
• Follow threat actor behavior, campaigns, and new tactics, techniques, and procedures.
• Gather, classify, and analyze intelligence related to leaks, malware spread, access-for-sale activity, and exploit trading.
• Write clear intelligence reports, alerts, and briefings for both technical and executive readers.
• Partner with product, research, and exposure teams to add context and client relevance to findings.
• Apply strict operational security practices while conducting intelligence work and outreach.

Requirements

• 2 to 4 years of experience in threat intelligence or cyber investigations, ideally centered on dark web or underground monitoring.
• Strong working knowledge of platforms and networks such as TOR, I2P, and decentralized forums.
• Experience with OSINT methods, tools like Maltego and Recon-ng, and enrichment workflows.
• Ability to identify threat actor patterns, indicators of compromise, and relevant geopolitical or sector trends.
• Excellent writing and analytical communication skills for both tactical and strategic intelligence outputs.
• Experience with HUMINT or dark web engagement conducted in a secure and ethical way is preferred.
• Language skills relevant to threat groups, such as Russian, Arabic, or Mandarin, are a strong advantage.
• Understanding of cybercrime ecosystems including initial access brokers, ransomware affiliates, and data extortion groups.
• Prior exposure to law enforcement support, CTI platforms, or security product development is beneficial.
• Relevant certifications or training such as GIAC GCTI, CREST CTIM, or similar intelligence-focused programs are a plus.

Additional information

This role is based in Dubai, United Arab Emirates, and is a full-time onsite position. No stipend or salary amount was specified in the source.