Fraud Analyst

With 1,000+ intelligence professionals serving over 1,900 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

Recorded Future provides intelligence that 1,500+ clients use to defend their people and networks from cybersecurity threats. We are looking for a Fraud Analyst to join our Threat Intelligence team!

What You’ll Do:

Conduct research on emerging cyber threats, adversary activity, and global threat trends

Collect, analyze, and synthesize data from a variety of technical and open sources to produce actionable intelligence

Support tracking of threat actor infrastructure, campaigns, and evolving tactics, techniques, and procedures (TTPs)

Monitor and assess Chinese-language sources to identify relevant threat activity and insights

Contribute to the production of high-quality intelligence reporting for internal and external stakeholders

Assist in identifying and developing indicators and detection opportunities

Collaborate with cross-functional teams, including other intelligence, engineering, and data science teams

Continuously develop technical expertise and stay current on evolving threat landscapes and tradecraft

What You'll Bring:

BA/BS or equivalent experience in Computer Science, Information Security, Intelligence, Security Studies, or a related field

1–2 years of experience in Threat Intelligence, Cybersecurity, or a related discipline (including internships or academic research)

Foundational understanding of cyber threat analysis and intelligence methodologies

Basic knowledge of networking concepts, including TCP/IP, DNS, and internet infrastructure

Experience or familiarity with analyzing technical artifacts such as domains, IP addresses, and related metadata

Familiarity with OSINT collection and analysis techniques

Exposure to common CTI tools and workflows (e.g., Jupyter Notebook, Maltego, Elastic Stack, or similar platforms)

Understanding of structured analytic techniques and frameworks such as MITRE ATT&CK, the Cyber Kill Chain, or the Diamond Model

Strong analytical, problem-solving, and critical thinking skills

Effective written and verbal communication skills, with the ability to convey technical concepts to diverse audiences

Ability to work collaboratively in a fast-paced, globally distributed team environment

Required:

Professional working proficiency in Chinese, with the ability to read, analyze, and synthesize native-language sources

Preferred Qualifications:

Experience analyzing financially motivated cyber activity, including phishing, scams, or account compromise

Basic scripting or programming experience (Python preferred) for data analysis or task automation

Familiarity with underground ecosystems such as forums, marketplaces, or messaging platforms (e.g., Telegram)

Understanding of payment systems, cryptocurrency usage, or fraud-related typologies

Experience working with threat intelligence datasets or large-scale data analysis

Exposure to det