Cyber Defense Analyst III

Your role:

The Cyber Defense Analyst III is a senior, intelligence-focused role responsible for advancing the organization’s Cyber Threat Intelligence (CTI) and Threat Hunting capabilities. This role specializes in adversary-focused analysis, intelligence-driven hunting, and translating threat insights into meaningful improvements across detection, response, and risk management. The ideal candidate brings strong experience in security operations and incident response, enabling them to contextualize intelligence within real-world environments and support complex security incidents through analysis and advisory guidance. Success in this role requires a deep understanding of modern SaaS and cloud-based environments, strong analytical judgment, and the ability to synthesize complex threat data into actionable intelligence for both technical and non-technical audiences. You’ll pursue continuous improvement to help Playlist achieve its mission: Powering the world’s fitness and wellness businesses and connecting them with more consumers, more effectively, than anyone else.

You will:

• Lead the development and execution of the Cyber Threat Intelligence (CTI) program, focusing on adversary tracking, emerging threats, and campaigns relevant to the organization


• Continuously monitor the threat landscape, synthesizing intelligence from internal telemetry, commercial feeds, open-source intelligence (OSINT), and industry sharing communities


• Produce actionable intelligence products (tactical, operational, and strategic) tailored to security operations, engineering, and leadership audiences Conduct hypothesis-driven threat hunting using intelligence-informed methodologies, documenting findings and recommending mitigations or detection improvements


• Map adversary activity to MITRE ATT&CK and related frameworks to identify coverage gaps and prioritize defensive improvements


• Correlate threat intelligence with security incidents and investigations to provide adversary context, likely next steps, and risk-based recommendations


• Partner with Cyber Defense teams to translate intelligence and hunt findings into improved detections, alerts, and response playbooks


• Maintain awareness of current security incidents and escalations to inform intelligence analysis and hunting priorities


• Serve as an on-call escalation advisor during critical security incidents, providing threat intelligence, adversary analysis, and strategic guidance to incident response leadership


• Develop and maintain documentation for intelligence workflows, hunting methodologies and analytic tradecraft


• Mentor analysts and engineers on intelligence consumption, ATT&CK usage, and adversary-focused thinking

About the right team member:

You are an experienced, self-motivated security professional who is passionate about leading andexecuting impactful and high-quality security initiatives. You know the best security is created through collaboration and iteration, and you are looking for the right opportunity and the right team to expand your experience.

You’ll thrive in this role with experience in:

• Broad and deep knowledge of cybersecurity principles, adversary behavior, and defensive best practices


• 5–7 years of information security or technology experience, including 3+ years in a senior or advanced analyst role


• Practical application of frameworks such as MITRE ATT&CK in enterprise environments


• Experience with CTI methodologies and threat hunting frameworks (e.g., Sqrrl, TaHiTI, PEAK)


• Expertise analyzing threat data and identifying adversary tactics, techniques, and procedures (TTPs)


• Hands-on experience operating SIEM platforms (e.g., Google Chronicle, Splunk) and CTI solutions


• Familiarity with automation and scripting (Python, Bash, PowerShell)


• Experience monitoring and securing cloud environments (AWS, Azure, GCP)


• Strong written and verbal communication skills, including executive-level summaries


• Ability to balance security risk, operational impact, and business priorities


• GIAC (GCIA, GCED, GCTI), CISSP, or comparable certifications strongly preferred