Description Marketing Statement: Tokio Marine North America Services (TMNAS) provides professional support services to Tokio Marine Group companies in the United States, including Tokio Marine America, First Insurance Company of Hawaii, and Philadelphia Insurance Companies. Customer service is our focus and our passion! Tokio Marine North America Services adds value in all that we do, providing the best professional service to our business partners, allowing them to achieve their goals. Our talented team delivers actuarial, audit, corporate communications, financial and investment, human capital services, information technology, legal, and payroll expertise to our customers. Job Summary: As a Cyber Threat Intelligence Analyst, you will be instrumental in collecting, analyzing, and disseminating cyber threat intelligence that directly informs, enhances, and advances our Global Fusion Center (GFC) and Tokio Marine Group Companies (GCs). You will rapidly grow understanding of the Group Companies’ business priorities and how cyber threats affect those priorities. You’ll leverage your expertise to process large volumes of cyber threat data, conduct deep-dive analysis, and produce high-quality reports for internal and external stakeholders. This role requires hyper attention to detail, strong analytic tradecraft, exceptional communication skills, with the ability to execute and mature (scale) this function globally. You’ll play a key role in shaping the GFC’s intelligence-driven platform while supporting the broader threat intelligence needs of Tokio Marine and its internal teams. Essential Job Functions: + Collect, analyze, and contextualize threat intelligence from internal telemetry, external sources, and underground communities to proactively identify relevant threats to the organization + Apply offensive security experience to model realistic threat actor behaviors and improve detection coverage through threat emulation and attack simulation + Lead intelligence-driven threat modeling efforts (e.g., MITRE ATT&CK mapping, adversary profiles, attack surface assessments) + Produce actionable intelligence products (tactical, operational, strategic) tailored to audiences across SOC, IR, Red Team, vulnerability management, and leadership + Operationalize intelligence by collaborating with detection engineers, blue teamers, and GRC to drive measurable risk reduction + Maintain and enrich threat intelligence tooling and platforms (e.g., TIPs, OpenCTI, MISP) + Track and monitor relevant threat actors, campaigns, malware, and vulnerabilities targeting our industry and organization + Build relationships with internal teams and external partners (e.g., ISACs, peer companies, vendors) to strengthen intelligence sharing + Support and mature intelligence lifecycle processes (collection, analysis, dissemination, feedback) + Build a threat intelligence function that directly informs detections, hardens defenses, and empowers security leadership with decision-ready insights + Bridge the gap between offensive understanding and defensive action by enabling a proactive, intelligence-led security culture that stays ahead of evolving threats Other Functions: + Comply with proper internal controls as necessary to conduct job functions and/or carry out responsibilities, and/or administrative activities at the Company + Establish and build working relations and partnerships with GCs and vendors + Perform special projects and other duties as may be assigned Qualifications: + 3+ years in cyber threat intelligence, red teaming, offensive security, or equivalent fields + Demonstrated experience conducting threat research and turning it into actionable outcomes + Strong understanding of threat actor TTPs, malware analysis fundamentals, and threat infrastructure tracking + Proficiency with adversary simulation tools (e.g., Cobalt Strike, Caldera, MITRE ATT&CK Navigator) + Experience writing and presenting threat intelligence to both technical and non-technical stakeholders + Familiarity with or hands-on experience using OpenCTI, MISP, YARA, Sigma, or other threat intelligence platforms/formats preferred + Experience interfacing with SOC, detection engineering, and red team functions preferred + Background in vulnerability research or exploit development preferred + Understanding of open-source intelligence (OSINT) or dark web monitoring communities is a plus + Certifications such as GCTI, OSCP, GREM, or CEH is a plus Salary range $140,000 to $160,000 . Ultimate salary offered will be based on factors such as applicant experience and geographic location. Our company offers a competitive benefits package and bonus eligibility on top of base. EEO Statement: Tokio Marine Group of Companies (including, but not limited to the Philadelphia Insurance Companies, Tokio Marine America, Inc., TMNA Services, LLC, TM Claims Service, Inc. and First Insurance Company of Hawaii, Ltd.) is an Equal Opportunity Employer. In order to remain competitive we must attract, develop, motivate, and retain the most qualified employees regardless of age, color, race, religion, gender, disability, national or ethnic origin, family circumstances, life experiences, marital status, military status, sexual orientation and/or any other status protected by law. REQNUMBER: 10000519