Cyber Threat Intelligence Analyst

American International Group, Inc. (AIG) is a leading global insurance organization. AIG member companies provide a wide range of property casualty insurance in approximately 70 countries and jurisdictions. These diverse offerings include products and services that help businesses and individuals protect their assets and manage risks.  

We're also committed to making a positive difference for our colleagues and in the communities where we work and live. We encourage colleagues to give back to the causes they care most about, supporting these efforts through our Volunteer Time Off and Matching Grants Programs. 

Make your mark in Information Technology

At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our colleagues with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company's systems from security risks, while designing technology strategies that enable AIG's businesses to achieve their goals. AIG's Information Technology functions include enterprise architecture, software and systems engineering, cybersecurity, and technology risk and compliance. 

Get to know the business

The Cyber Threat Intelligence (CTI) team consists of analysts who specialize in collecting, analyzing, and operationalizing intelligence on cyber adversaries. The analyst will work within an interdisciplinary team that develops advanced analytical frameworks, tools and research methodologies, and other approaches to identify emerging cyber threats. The analyst will be responsible for analyzing the technical and behavioral aspects of malicious cyber activity and will serve as a subject matter expert on cyber threat actors, campaigns, TTPs, and geopolitical drivers influencing cyber risk. Additionally, the analyst will respond to stakeholder-directed research requests and contribute to internal intelligence products. This position plays a critical function in producing a comprehensive operating picture and cybersecurity situational awareness. 

What you need to succeed

Responsibilities 

• Collect, process, catalog, and document information using sources and tools available  

• Conduct deep-dive investigations into threat actors, TTPs, malware, phishing campaigns, and IOCs using OSINT, dark web, commercial feeds, and internal telemetry 

• Develop independently and support production of recurring intelligence reporting and briefings for various stakeholders within the organization  

• Produce concise written analysis and visual presentation of findings under deadlines, including both tactical and strategic assessments 

• Respond to requests for ad-hoc reporting and research topics from management as required 

• Maintain a knowledge base of threats to the organization's business lines, regions, and technology stack 

• Work with various intelligence collection and reporting tools and frameworks to produce reports 

• Quickly understand and deliver on stakeholder requirements to produce intelligence that is relevant, timely, accurate, actionable, and appropriate for the audience 

• Mentor junior analysts to strengthen analytic tradecraft standards across the team and champion a culture of curiosity, critical thinking, and adversary awareness 

• Deal professionally with offensive, profane, and obscene materials encountered during the course of investigations and research 

Requirements  

• Bachelor's degree in cybersecurity, computer science, intelligence studies, or related discipline  

• 2+ years of experience in cybersecurity, with at least 1+ years focused on cyber threat intelligence 

• Experience with using intelligence analysis methodologies and the threat intelligence lifecycle to distill raw information into actionable intelligence  

• Good understanding of global geopolitical dynamics and the ability to apply that knowledge to an information security context 

• Proven ability to understand and explain the behaviors of different types of sophisticated cyber adversaries including organized cybercriminal groups and state-sponsored groups 

• Strong knowledge of common threat actor tools, infrastructure, and malware families 

• Proven ability to translate complex information sets into specific recommendations and map adversary behavior to MITRE ATT&CK to develop intelligence-focused detection and mitigation strategies 

• Outstanding written and oral communication skills for both technical and executive audiences  

• Ability to prepare and present research findings in both virtual and in-person settings 

• Ability to work both independently and with a team of like-minded professionals to achieve reporting objectives and the ability to organize, track, and prioritize work 

• Ability to maintain or develop professional contacts in the cybersecurity community and in client industries including finance and government 

• Experience with conducting operations in closed/vetted online forums and marketplaces in both the surface and dark web spaces 

• Experience working in and defining intelligence requirements for private sector organizations, especially in a regulated industry (e.g., finance, insurance, healthcare, critical infrastructure) 

• Hands-on experience with intelligence platforms and tools (e.g., ThreatConnect, CrowdStrike, Mandiant, Anomali, Recorded Future, Silobreaker, Maltego). 

• Strong understanding of threat analysis and enterprise level mitigation strategies, including experience with SIEMs (e.g., Splunk, Sentinel, Falcon LogScale), EDR/XDR, and threat detection pipelines 

• Working knowledge of how malicious code operates and how technical vulnerabilities are exploited 

• Knowledge of operating systems, VPN technologies, Internet abuse issues, networking technologies, and other elements of enterprise networks and technology stacks 

• Knowledge of databases, query design, and how to analyze data thus obtained 

• Ability to safely triage and analyze malicious content using technologies like virtual machines, sandboxes, and browsing techniques to maintain strict operational security 

• Hands-on reverse engineering or malware analysis experience is a plus 

• Knowledge of foreign languages is a plus 

This position is eligible for a bonus in accordance with the terms of the applicable incentive plan. In addition, we're proud to offer a range of competitive benefits, a summary of which can be viewed here: 2025 Benefits Summary

Veterans are encouraged to apply.

#LI-NK1

At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.

Enjoy benefits that take care of what matters

At AIG, our people are our greatest asset. We know how important it is to protect and invest in what's most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.

Reimagining insurance to make a bigger difference to the world

American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world's most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.

Welcome to a culture of inclusion

We're committed to creating a culture that truly respects and celebrates each other's talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG's greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities.  If you believe you need a reasonable accommodation, please send an email to   

Functional Area: