Support analysis of adversaries, emerging threats, intrusion campaigns, underground services and relevant cybersecurity incidents or events.
Collect and analyze information from a variety of sources, to generate tactical finished intelligence products.
Perform analysis of tactics, techniques and procedures (TTPs) from intrusions and cybercriminal activity.
Conduct attribution analysis and identify overlaps between adversaries and activity clusters.
Leverage analytical tools, technologies, methodologies and data platforms to enhance intelligence products and capabilities.
Provide independent, timely, tactical intelligence analysis and research support for bespoke customer engagements and requests for information (RFIs).
Support our data collection efforts and artificial intelligence-enhanced automation workflows.
Develop and provide intelligence briefings to support internal and external speaking events with a view to expanding brand awareness and supporting the go-to-market effort.
Collaborate internally with an experienced, globally diverse, cross-cultural team to aid the collection, analysis and production of intelligence.
Generate intelligence bulletins (IBs), adversary profiles, regional and industry-focused reports, weekly briefings, monthly and annual reports.
Requirements
Understanding of how cyber threat intelligence (CTI) supports and protects business operations by enabling informed risk mitigation and decision-making.
Understanding of how CTI enhances enterprise security capabilities and directly enables teams such as Security Operations Center (SOC), Incident Response (IR), Threat Hunting, Fraud Prevention, Vulnerability Management and Security Engineering through actionable, relevant and timely intelligence.
Knowledge of at least some of the security technologies and platforms that directly benefit from CTI integration, such as Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Threat Intelligence Platforms (TIP), firewalls, Intrusion Prevention Systems (IPS), Identity and Access Management (IAM), cloud security controls and other related technologies.
Knowledge of the cybercriminal underground landscape, including common intrusion TTPs, malware operations, vulnerabilities, exploits, carding, financial fraud, etc.
Malware, fraud and phishing campaigns and infrastructure related to them.
Understanding of the interdependencies between cybercriminal enabling services, commodity products, compromised information/data, monetization schemes and the threat actors involved.
Proficient in open-source intelligence (OSINT) research and common tool sets.
Understanding of the nexus between geopolitics and cybercrime.
The ability to collaborate in a remote team, but also work independently.
Excellent written and spoken communication, interpersonal and problem-solving skills.
A self-starter, motivated to take ownership, lead people and drive projects from initiation to completion.
Demonstrated cybersecurity experience in one or more of the following or related areas: Incident Response (IR), Penetration Testing, Red Teaming, Threat Hunting, Vulnerability Management, Malware Analysis, Fraud Analysis or CTI.
Proven ability to consistently produce high-quality reports, connecting relevant and timely intelligence to support stakeholder use cases.
Proven ability with the intelligence cycle and cybersecurity frameworks such as MITRE ATT&CK, Diamond Model, Pyramid of Pain and Cyber Kill Chain.
Excellent time management and organization skills.
Proven proficiency in analytical methodologies such as critical thinking, logical reasoning and techniques to minimize cognitive bias.
Demonstrated proficiency with underground investigations, intrusion campaign tracking or malware analysis.
Tech Stack
Cloud
Cyber Security
Firewalls
Benefits
Competitive compensation
Remote-friendly culture
Wellness programs
Employee recognition program
A variety of professional development opportunities
Inclusive culture focused on people, customers and innovation