Key skills
AzureCyber SecurityLinuxPythonBIPower BICommunicationPresentation SkillsRemote Work
About this role
Role Overview
- Monitor and analyze threat intelligence using tools such as ZeroFox, Digital Shadows, or similar platforms.
- Write comprehensive and technical cybersecurity reports with strong attention to detail.
- Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering.
- Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux.
- Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP.
- Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel.
- Execute domain and social media account takedowns as necessary.
- Create custom, in-depth reports specific to client requirements.
- Apply knowledge of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain in threat analysis.
- Utilize Excel and/or Power BI for data visualization and graph creation.
- Prepare and deliver PowerPoint presentations and reports to stakeholders.
- Maintain strong verbal and written communication skills in English.
- Work independently under pressure and prioritize tasks effectively.
- Be available for on-call duties for high-priority urgent tasks.
- Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing work.
Requirements
- Minimum of 3 years of experience with threat intelligence monitoring tools.
- At least 1 year of experience in threat intelligence report writing.
- Proficiency with OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search.
- Experience with scripting in Python, Azure, and Linux.
- Familiarity with one or more threat intelligence platforms for feed management.
- Experience integrating threat intelligence feeds into SIEMs, especially Microsoft Sentinel.
- Proven experience with domain and social media account takedowns.
- Strong understanding of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain.
- Excellent English writing skills.
- Proficiency in Excel and/or Power BI for data visualization.
- Strong experience with PowerPoint presentations and reporting.
- Strong verbal English and presentation skills.
- Cybersecurity certifications (e.g., COMPTIA, SANS GIAC, ISC, EC-Council) are a plus.
- Certifications specific to cyber threat intelligence are an asset.
- Ability to work in the EST timezone (evening shift for overlap with onshore/client team).
Tech Stack
- Azure
- Cyber Security
- Linux
- Python
Benefits
- Remote work options