Cyber Intelligence Researcher

About Stripe

Stripe is a leading financial infrastructure platform empowering millions of companies globally, from startups to large enterprises, to manage payments, accelerate revenue growth, and explore new business opportunities. Our mission is to enhance the GDP of the internet, offering an unparalleled chance to contribute to the global economy while performing impactful career work.

About The Team

The Attacker Engineering team is dedicated to validating Stripe’s defenses and measuring security controls. They achieve this by providing actionable, attacker-derived products, datasets, and critical insights into real-world cyberattacks. This team operates in a distributed manner, primarily covering US time zones, but collaborates regularly with stakeholders across Europe and Asia.

What you’ll do

As a Cyber Intelligence Researcher, you will be a pivotal cyber intelligence professional responsible for conducting comprehensive research and analysis of cyber threat intelligence from diverse sources. Your role involves generating valuable insights and recommendations that support informed decision-making and robust risk mitigation strategies. A key aspect of this position is your ability to effectively communicate complex cyber threat intelligence findings to both technical and non-technical stakeholders, ensuring widespread understanding and application. Collaborating with internal teams and external partners, you will play a crucial role in strengthening Stripe's security posture and proactively addressing emerging cyber threats. Your commitment to continuous improvement and alignment with organizational goals will significantly enhance the overall effectiveness of our intelligence operations, safeguarding Stripe and its stakeholders from evolving cyber risks.

Responsibilities

• Collaborate closely with relevant stakeholders, including product, engineering, and business units, to identify and understand their specific intelligence needs.
• Proactively identify and analyze potential cyber threats and risks to the organization through comprehensive research using diverse intelligence sources and methodologies.
• Deliver timely and actionable intelligence reports and briefings to key stakeholders, such as executives, business leaders, and operational teams, to support informed decision-making and risk mitigation.
• Monitor and analyze threat intelligence feeds, open-source intelligence, social media, and trusted groups to identify emerging cyber threats, attack trends, and potential threat actors.
• Conduct in-depth investigations of security incidents, data breaches, and cyber attacks to ascertain their nature, scope, and impact, providing recommendations for response and remediation.
• Develop and maintain threat profiles and actor attribution information to deepen the organization's understanding of threat landscapes and potential adversaries.
• Collaborate with internal teams and external partners to share threat intelligence, enhancing collective defenses and response capabilities.
• Stay abreast of the latest trends, techniques, and tools in cyber threat intelligence, contributing to the continuous improvement of intelligence practices within the organization.
• Cultivate relationships with external intelligence providers, industry peers, and trusted communities to remain informed about emerging threats and facilitate intelligence sharing.
• Participate in incident response activities, offering intelligence support for effective detection, investigation, and resolution of cyber incidents, and contributing to post-incident analysis.

Who you are (Minimum Requirements)

• 5+ years of experience in cyber threat intelligence or a closely related field.
• Bachelor's degree in Cybersecurity, Computer Science, or a related discipline.
• In-depth knowledge of the cyber threat landscape, common attack vectors, and emerging trends in cybersecurity.
• Demonstrated experience in collecting, analyzing, and interpreting intelligence from various sources, including open-source intelligence, threat feeds, social media, and underground forums.
• Proficiency in using intelligence analysis tools and technologies to process, visualize, and present data in an actionable manner.
• Strong understanding of intelligence methodologies, frameworks, and best practices, with the ability to apply them effectively.

Preferred Qualifications

• Excellent written and verbal communication skills, capable of conveying complex technical concepts to diverse audiences.
• Proven ability to collaborate with cross-functional teams and stakeholders to identify intelligence requirements and provide timely support.
• Familiarity with relevant industry standards and regulations pertaining to cyber threat intelligence and data privacy.
• A continuous learning mindset, eager to stay current with the latest threats, intelligence techniques, and tools in cybersecurity.

Key skills/competency

• Cyber Threat Intelligence
• Threat Analysis
• Risk Mitigation
• Incident Response
• Open-Source Intelligence (OSINT)
• Threat Actor Profiling
• Security Incident Investigation
• Intelligence Reporting
• Data Visualization
• Cybersecurity Frameworks