Job Description

Kroll Cyber Threat Intelligence (CTI) is seeking a mid‑level Cyber Threat Intelligence Analyst based in Bangalore, India to support billable client engagements across proactive intelligence, incident response support, and investigative services. This role is ideal for an analyst who can independently execute investigative work, contribute directly to client deliverables, and operate effectively in a fast‑paced consulting environment.

The successful candidate will translate threat intelligence into clear, actionable outputs, support client communications, and manage assigned workstreams to help clients reduce risk, respond to incidents, and protect their brand and digital presence.

Day-to-day responsibilities:

• Deliver billable cyber threat intelligence, investigative, and monitoring services in line with client scopes of work and engagement objectives.
• Independently identify, collect, and analyze threat intelligence from open web, deep web, and dark web sources to support client investigations.
• Conduct short‑duration and ongoing investigative efforts, including data‑leak analysis, threat actor research, and brand or executive exposure assessments.
• Provide hands‑on support to incident response engagements, including rapid threat research, indicator enrichment, and investigative analysis under time‑sensitive conditions.
• Support incident detection activities by identifying indicators of compromise, malicious infrastructure, and relevant threat actor TTPs.
• Perform vulnerability assessments and external digital footprint monitoring to identify exposures that may impact client risk.
• Produce client‑ready written deliverables, including investigative summaries, intelligence reports, and findings suitable for both technical and non‑technical audiences.
• Participate in client communications, including status updates, investigative briefings, and clarification of findings under guidance from engagement leads.
• Support project and task management responsibilities by tracking assigned workstreams, meeting delivery timelines, and ensuring alignment with engagement expectations.
• Manage multiple concurrent tasks while meeting quality, responsiveness, and utilization expectations in a consulting model.
• Collaborate closely with CTI peers, incident responders, and engagement leads to ensure successful client outcomes.

Essential Traits:

• Ability to support global client engagements, including periodic overlap with U.S. or EMEA working hours.
• Comfortable operating in a billable delivery model with expectations around quality, deadlines, and utilization.
• Strong sense of accountability, professionalism, and ownership of assigned client work.
• Commitment to continuous learning and staying current with the evolving threat landscape
• Working knowledge of vulnerability management, exposure analysis, and digital footprint monitoring.
• Experience contributing to client communications and supporting delivery of consulting engagements.
• Strong time‑management and organizational skills with the ability to balance multiple billable tasks.
• Excellent written and verbal English communication skills.

Prerequisites:

• 3–6 years of hands‑on experience in cyber threat intelligence, SOC, security research, digital investigations, or cyber consulting.
• Demonstrated experience researching and analyzing cyber threats across the open web, deep web, and dark web.
• Practical experience supporting incident response or security operations, ideally in a client‑facing environment.
• Prior experience in consulting, managed security services, or intelligence services environment.
• Familiarity with OSINT, CTI, and dark web investigative tools and methodologies.
• Understanding of cybercrime ecosystems, including ransomware operations, fraud, and data‑leak marketplaces.
• Relevant certifications (e.g., Security+, CEH, GCTI, GCIA) are a plus.

#LI-SP1

#LI-Hybrid