Associate Lead Analyst - Cyber Threat Intelligence

Posted:
1/11/2026, 7:49:29 PM

Location(s):
Colombo, Western Province, Sri Lanka ⋅ Western Province, Sri Lanka

Experience Level(s):
Senior

Field(s):
IT & Security ⋅ Software Engineering

JOB DESCRIPTION

The Big Picture   

Sysco LABS is the Global In-House Center of Sysco Corporation (NYSE: SYY), the world’s largest foodservice company. Sysco ranks 56th in the Fortune 500 list and is the global leader in the trillion-dollar foodservice industry.  

Sysco employs over 75,000 associates, has 337 smart distribution facilities worldwide and over 14,000 IoT-enabled trucks serving 730,000 customer locations. For fiscal year 2025 that ended June 29, 2025, the company generated sales of more than $81.4 billion. Sysco LABS Sri Lanka delivers the technology that powers Sysco’s end-to-end operations.  

Sysco LABS’ enterprise technology is present in the end-to-end foodservice journey, enabling the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network and the in-restaurant dining experience of the end-customer.  

 

 The Opportunity 

This role sits within Sysco’s Corporate Cybersecurity organization and focuses on Cyber Threat Intelligence (CTI). As a mid-level individual contributor, the Cyber Threat Intelligence Analyst plays a key role in identifying, analyzing, and communicating cyber threats that may impact Sysco’s business, technologies, and geographies. 

This position is ideal for an analyst who is genuinely passionate about threat intelligence, enjoys deep research and writing, and wants to connect external adversary activity with internal defensive priorities. You’ll work closely with SOC, Incident Response, Threat Hunting, and Security Engineering teams to turn intelligence into real, measurable risk reduction. 

 

Responsibilities: 

  • Collecting, correlating, and analyzing cyber threat data from multiple sources including commercial intelligence feeds, ISAC/ISAO communities, OSINT, dark web/closed communities, and internal telemetry 

  • Tracking threat actors, campaigns, tooling, and vulnerabilities relevant to the organization’s sector, technologies, and geographic footprint 

  • Producing high-quality tactical, operational, and strategic intelligence products such as alerts, briefs, deep-dive reports, and executive summaries with clear assessments and recommended actions 

  • Collaborating with SOC, Incident Response, Threat Hunting, Security Engineering, and Penetration Testing teams to operationalize intelligence into detections, hunts, playbooks, and hardening activities 

  • Conducting structured OSINT and dark web investigations using approved personas and tradecraft, in alignment with legal, compliance, and ethical guidelines 

  • Maintaining and curating threat intelligence platforms and datasets, including indicator lifecycle management, enrichment, tagging, de-duplication, and integration with SIEM/EDR and other security controls 

  • Contributing to internal knowledge bases, briefings, and awareness initiatives to raise overall organizational threat awareness 

  • Continuously developing personal CTI expertise and staying current with evolving threat landscapes, adversary techniques, and industry trends

 

 Requirements: 

  • A Bachelor’s Degree in Cybersecurity, Computer Science, or a related field 

  • 3–5 years of experience in Cyber Threat Intelligence, SOC/IR with an intelligence focus, security research, or a closely related role 

  • Strong research, analytical, and writing skills with the ability to produce intelligence for both technical and non-technical audiences 

  • Working knowledge of threat intelligence frameworks and models such as MITRE ATT&CK, Cyber Kill Chain, and Diamond Model 

  • Hands-on experience with OSINT techniques and tooling, including analysis of domains, IPs, certificates, DNS, WHOIS, and infrastructure artifacts 

  • Experience monitoring dark web or closed communities using managed personas and approved tradecraft 

  • Familiarity with threat intelligence platforms or sharing tools (TIP, MISP, or similar) and integrating intelligence with SIEM/EDR solutions 

  • Strong communication skills, attention to detail, and the ability to prioritize multiple intelligence tasks effectively 

 

Preferred Qualifications 

  • A Master’s Degree in Cybersecurity or Computer Science 

  • 4+ years of relevant experience in CTI or intelligence-focused security roles 

  • Ability to read and interpret sources in an additional language (e.g., Russian, Mandarin, Farsi)

  • Certifications such as GCTI or CTIA 

  • Familiarity with blockchain analysis and cryptocurrency tracking related to ransomware or extortion activity 

 Work Mode & Environment 

  • Work Mode: Hybrid 

  • May occasionally support high-priority investigations outside standard business hours 

  • Part of a globally distributed cybersecurity team with close collaboration across regions 

Benefits:   

  • US dollar-linked compensation   

  • Performance-based annual bonus   

  • Performance rewards and recognition   

  • Agile Benefits - special allowances for Health, Wellness & Academic purposes   

  • Paid birthday leave   

  • Team engagement allowance   

  • Comprehensive Health & Life Insurance Cover - extendable to parents and in-laws   

  • Overseas travel opportunities and exposure to client environments   

  • Hybrid work arrangement   

 

Sysco LABS is an Equal Opportunity Employer.  

Sysco

Website: https://sysco.com/

Headquarters Location: Houston, Texas, United States

Employee Count: 10001+

Year Founded: 1969

IPO Status: Public

Industries: Electrical Distribution ⋅ Food and Beverage ⋅ Food Delivery ⋅ Health Care ⋅ Hospitality ⋅ Logistics ⋅ Marketing ⋅ Meat and Poultry ⋅ Restaurants ⋅ Sales