Senior Consultant/Analyst - Threat Intelligence - Cyber Security

Job Summary:

Threat Intelligence Analyst is a key role at Threat Intelligence a division, working with client's Incident Response, Security Operation Centre and other lines of business within the cyber security space. The Intelligence Analyst's responsibilities vary from day to day depending on external events and internal drivers for information and analysis. The analyst is expected to be self-driven and generate product on their own, post mandatory training which will be provided by Threat Intelligence a division.

Job Expectations:

- Discover and gather threat data from multiple sources using internal and external methodologies.

- Develop a methodology for threat data mining to uncover the threat actors and threat vectors.

- Maintain, develop, and continuously evaluate cyber threat intelligence,brand protection & threat intelligence/data sources

- Maintain an understanding of the overall threat landscape (cyber, malware, botnets, phishing, DDoS, physical)

- Collect, analyze, investigate, store, and disseminate indicators of compromise (IOCs), threat intelligence

- Regularly develop and produce written cyber brand and threat intelligence reports

- Provide support to the Security Incident Response Team and SOC in the effective detection, analysis, and containment of attacks, as well as researching potential IOCs and linking to intelligence

- Draft, edit, and disseminate threat intelligence information/briefs to stakeholders, executive leadership, and others

- Monitoring of security procedures and practices; recommend optimizations and improvements when gaps are identified

- Stay up to date on ever growing attack mechanisms and exploits

- Monitor Deep/Dark web forums (manually and with the help of proprietary technology) to find content infringement/ data leak and malware signatures

Knowledge/Experience:

- IDS/IPS, SIEM and AV - an understanding of the tools used to digitally secure organization

- TCP/IP, computer networking, routing and switching - an understanding of the fundamentals: the language, protocol and functioning of the internet

- ISO27001 assessment - specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization's risk management

- Knowledge of risk management, defense in depth, offensive vs defensive techniques, report writing, investigation skills

- Journalism background

- Researching, writing reports, proofreading presentations and articles, communications skills,

- Python, ElasticSearch, scripting, Linux/Unix

- Reverse Engineering malware, assembly language, Windows scripting

Must Have:

- Strong verbal and writing skills. Able to demonstrate ability to write clear and concise text using good English and correct grammar.

- Excellent analytical abilities and a strong ability to think critically when looking at risk

- Self-driven who can take initiative to get things done on their own without waiting to be told.

Good to have:

- Security certification (either of GCTI, CHFI, CEH, Security + etc.)

- Able to think critically to pass those exams and/or need prior security experience

- Strong analytical skills

- Sound understanding of network infrastructure and communication protocols