Cyber Threat Intelligence Analyst

Caterpillar · Industrial · East Peoria, IL +2

This role is for a Cyber Threat Intelligence Analyst responsible for collecting, analyzing, and delivering intelligence on threat actors, campaigns, vulnerabilities, and risks. The analyst will conduct vulnerability assessments, produce intelligence products, and deliver briefings to various audiences. The role also involves supporting incident response and collaborating with internal and external security teams. Experience with AI tools, scripting, or automation is a plus.

What you'd actually do

  1. Conduct tactical and strategic cyber threat intelligence collection, analysis, and reporting focused on threat actors, campaigns, vulnerabilities, zero-days, and organizational exposure across enterprise environments.
  2. Perform vulnerability intelligence assessments using CVE analysis, CVSS scoring, threat modeling, and prioritization frameworks to identify and track emerging threats and materially relevant exposures.
  3. Produce and disseminate actionable intelligence products including threat briefs, threat reports, TTP analysis, and recommendations mapped to MITRE ATT&CK and other industry-standard frameworks to support SOC, CSIRT, and threat hunting teams.
  4. Deliver recurring threat intelligence briefings – including monthly strategic updates and more frequent tactical briefings – to both technical and non-technical audiences, translating complex threats into clear, actionable insights.
  5. Support intelligence-driven incident response and cross-functional collaboration, including investigation of security incidents/data breaches and partnership with groups such as OT/ICS, product security, application security, and external intelligence-sharing partners.

Skills

Required

  • Relevant experience in cyber threat intelligence, SOC, incident response, threat hunting, vulnerability intelligence, or a closely related cyber defense function.
  • Working knowledge of the CTI lifecycle and structured analytic methods, including collection, enrichment, analysis, and dissemination for different customers.
  • Fluency with MITRE ATT&CK and related frameworks such as Kill Chain, Diamond Model, or equivalent threat modeling approaches.
  • Practical experience with vulnerability intelligence, including interpreting CVEs, CVSS, exploitability context, and prioritization of relevant vulnerabilities.
  • Ability to analyze adversary TTPs, IOCs, and campaigns and turn that analysis into actionable output for defenders.
  • Strong written and verbal communication skills
  • Research and documentation experience.

Nice to have

  • Knowledge of the CTI lifecycle
  • Familiarity with MITRE ATT&CK Framework
  • Understanding of CISA KEV / vulnerability prioritization concepts
  • Experience curating threat briefings and written reporting.
  • Ability to analyze TTPs, IOCs, campaigns, CVEs, and threat trends.
  • Strong research, requirements analysis, and technical writing skills
  • Knowledge of AI tools, scripting, or automation
  • Familiarity with CI/CD pipelines, application security, or product security concepts
  • Familiarity with OT/ICS security
  • Experience with intelligence-sharing communities or external partner collaboration