Skip to content

Threat Intelligence Analyst

Deepwatch IndiaBengaluru, KA, India · IndiaJuly 18, 2026
Hybrid
Full-time
Threat Intelligence
Entry · 1–3 yrs

Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry.
 If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest-growing companies in the U.S. – and we have a blast doing it! With the launch of our new India Global Capability Center (GCC) in Bengaluru, we’re expanding our global footprint and building a diverse, high-impact team driving innovation and excellence at scale.

Who We Are

Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. 

Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.

Deepwatch recognition includes:

  • 2025, 2024, 2023, 2022 and 2021 Great Place to Work® Certified
  • 2024 Military Times Best for Vets Employers
  • 2024 US Department of Labor Hire Vets Gold Award
  • 2024 Forbes' America's Best Startup Employers
  • 2024 Cyber Defense Magazine, Global Infosec Awards 
  • 2023 and 2022 Fortress Cybersecurity Award
  • 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners
  • 2022 Cybersecurity Excellence Award for MDR

Reporting to the Senior Manager, Cybersecurity Operations, the Threat Intelligence Analyst will focus on understanding and conducting in-depth analysis on threat methodologies, adversarial capabilities, and Tactics Techniques and Procedures (TTPs). This role is responsible for leveraging threat intelligence to provide timely and actionable intelligence to Deepwatch customers and stakeholders. The Threat Intelligence Analyst should be an independent, critical thinker skilled in the intelligence process and able to satisfy intelligence requirements under time-sensitive deadlines. This position requires the analysis of artifacts and methodologies of threat actors to determine the impact and severity to the environment. 

On a daily basis, you will be researching the changing cybersecurity landscape, including new tactics, techniques, and threats. You will have the opportunity to identify and develop new ways of tackling problems and identifying solutions to meet the needs of Deepwatch customers. The cyber threat landscape is ever evolving and you can be at the forefront of understanding what’s on the horizon. 

In this role, you’ll get to: 

  • Support and maintain active monitoring of external intelligence sources.
  • Identify, track, and analyze emerging or ongoing cyber threats.
  • Escalate significant findings to senior leadership or lead threat intelligence staff for validation and dissemination.
  • Conduct indicator management and assist in broader threat research initiatives.
  • Develop and deliver periodic, time-sensitive threat intelligence reports for Significant Cybersecurity Events.
  • Provide surge support for other Advisory Tactics and Intelligence (ATI) technical programs.
  • Collaborate with global teams across time zones to ensure continuous threat intelligence coverage and successful client outcomes.
  • Partner with US-based leadership to align regional intelligence efforts with global operational strategies.

To be successful in this role, you’ll need to: 

  • Experience: 1–3+ years of experience in cyber threat intelligence, security research, SOC operations, or cyber investigations.

  • Education: A Degree in Computer Science, IT, Intelligence, or equivalent practical experience.

  • Core Cyber Expertise: Proven experience in one or more core domains: Cybersecurity Operations, Threat Intelligence & threat actor research, Malware reverse engineering, Threat Hunting, Incident Response, Digital Forensics, or Offensive Operations.

  • Analytical Skills: Strong analytical, investigative, and critical-thinking skills with a continuous learning mindset.

  • Communication: Exceptional technical writing and verbal communication skills, with the ability to discuss complex security issues with senior leadership and customers.

  • Professionalism: A strong sense of ownership, discretion, and commitment to client satisfaction while working independently or across a distributed global team.

  • Industry Context: Experience working in a consulting, intelligence, MDR, or managed security services (MSSP) environment.

  • Technical Familiarity: * Familiarity with OSINT, CTI, and investigative tools (e.g., dark web forums, marketplaces, breach data sources).

  • Understanding of cybercrime ecosystems, threat actor TTPs, ransomware, fraud, or data-theft operations.

  • Basic foundational knowledge of SIEM tools, Splunk, and XSOAR.

  • Experience operating within a Threat Intelligence Platform (e.g., OpenCTI, MISP) to ingest, tag, and maintain IOCs throughout the indicator lifecycle.

Preferred Qualifications (A Plus):

  • Relevant certifications (e.g., Security+, CEH, GCIA, GCTI, GSEC, GREM, OSCP).
  • Scripting experience and a working knowledge of SQL & Python.
  • Experience with Cloud Security, Malware Analysis, Digital Forensics, or Incident Response (full packet capture, host/network, email).

Why Deepwatch?

  • Mission-driven company focused on protecting customers from threats 24/7
  • Hybrid work model in India, with access to collaborative office space in Bangalore
  • High-impact leadership role with strong visibility across Product & Engineering
  • Competitive compensation, equity, and benefits
  • A company recognized as a Great Place to Work® for five consecutive years
  • Opportunity to shape the future of cybersecurity and AI-driven platforms

Life at Deepwatch:

For employees, Deepwatch fosters a unique, flexible work environment designed with collaboration in mind. The company emphasizes personal and professional
growth, offering benefits such as professional development programs, comprehensive health coverage, and generous parental leave. Deepwatch is also committed to diversity, equity, inclusion, and belonging, aiming to empower underrepresented groups in tech by connecting them with meaningful opportunities, mentors, and sponsors.

In recognition of its supportive workplace culture, Deepwatch earned the Great Place To Work Certification/(TM) in 2025, underscoring its dedication to creating a positive and inclusive work environment. Deepwatch is a global cybersecurity company with offices in San Francisco Bay Area, CA; Tampa, Florida; and Bengaluru, India.

What We Offer:

At Deepwatch, we are committed to supporting our employees with a comprehensive benefits package designed to enhance your well-being and financial security.

We provide:

  • Group Health Insurance – Comprehensive medical coverage for you and your dependents.
  • Group Accidental Insurance – Financial protection in case of accidental injuries.
  • Group Term Life Insurance – Security for your loved ones in unforeseen circumstances.
  • Comprehensive Wellness, OPD and Gym support program

Job Details

Experience

Entry · 1–3 yrs

Tools & Tech

C
Python
Splunk
SQL

Preferred Certs

CEH
Security+
GCIA
GSEC
OSCP