Description

Responsibilities

Collecting, processing, and analyzing information regarding security threats to provide indications and warnings of impending attacks

Producing and disseminating intelligence products, advisories or tailored reports

Analyze and report on unique attack vectors, emerging cyber threats, and current trends used by malicious actors

Daily threat intelligence monitoring through open and closed sources

Continually improve how the threat intelligence team works, including creation of run books, procedures, automation or other efficiencies

Maintain, develop and continually analyze threat data/intelligence sources, both technical and non-technical

Identify, evaluate and communicate new and ongoing cyber security threats through regular and ad-hoc reporting; produce intelligence briefings, attribution reports, and position papers

Produce concise tactical warning bulletins and other analytic reports that detail daily findings, events, and activities

Conduct collection and support attribution and analysis of case findings from the incident response and threat hunting functions

Collect and analyze all-source intelligence and research data from multiple intelligence providers in order to analyze findings and produce quality intelligence products

Support threat hunts and purple teaming efforts that use threat intelligence to identify threat actor groups and their techniques, tools, and processes

Analyze anomalous log data and the results of collaborative team sessions to detect and eradicate threat actors on the network

Analyze and support security incidents for further enrichment of detection and alerting capabilities

Continuously improve processes for use across detection sets for more efficient operations

Generate reporting of trending metrics

Acquire threat intelligence and technical indicators from external sources; develop tactical intelligence and technical indicators internally and collaborate frequently with the incident response team

Evaluate data sources for consideration in the improvement and expansion of the threat intelligence program

Required Skills

Knowledge of current hacking techniques, cyber threat actors, attribution concepts, security analysis techniques, recent cyber incidents, and vulnerability disclosures

Understanding of common threat analysis and threat modeling techniques used in CTI, such as the Diamond Model, the Kill Chain, F3EAD, the MITRE ATT&CK framework, and the threat intelligence lifecycle

Competency in using common intelligence datasets obtained from information sharing sources, malware collections, and other internet-derived data

Education

Bachelor's degree