Senior Threat Intelligence Analyst

Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world! 

• Integrate directly with client ICS/OT security workflows, providing hands‑on threat intelligence support, hunting, and guidance aligned to each customer’s operational environment.
• Conduct ICS/OT threat hunting, research, and analysis to identify adversary activity, assess risk, and support response and mitigation efforts within client environments.
• Produce tailored intelligence deliverables--including recurring reports, deep‑dive analyses, alerts, and advisories--based on client priority intelligence requirements.
• Leverage Dragos intelligence, platform data, and OSINT to inform client‑focused analysis, hunting activities, and actionable reporting.
• Develop deep expertise in ICS/OT threats and risks relevant to specific industries and environments, including attack surface analysis, threat modeling, and hunting strategies.
• Create industry‑focused technical, operational, and strategic intelligence content that supports individual clients and the broader Dragos WorldView customer community, while collaborating with internal teams to enhance overall outcomes.
• Provide support and feedback to internal Dragos teams including Incident Response, OT‑Watch, Customer Experience, Intelligence and Professional Services. 

• 4+ years of experience in Cyber Threat Intelligence (CTI), using multiple data sources such as network data (e.g., NetFlow), OSINT, SIEMs, malware repositories, and DFIR techniques.
• Hands‑on experience performing threat hunting in ICS/OT or closely related environments (minimum 2 years), with an understanding of how adversaries target operational systems.
• Experience working in customer‑facing roles (e.g., consulting or managed services), including presenting intelligence findings and supporting client needs.
• Strong CTI writing and communication skills, with experience producing clear, confidence‑based intelligence assessments and deliverables.
• Knowledge of ICS/OT threats and adversary behavior, including TTPs, major historical attacks, and impacts across industrial sectors such as energy, manufacturing, utilities, or government.
• Solid understanding of ICS/OT technologies, including industrial networks, common protocols, and OT assets such as PLCs, HMIs, and RTUs.
• Knowledge of security and defender frameworks, such as MITRE ATT&CK, D3FEND, and the ICS Cyber Kill Chain.

Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.