Cyber Threat Intelligence Manager
About the role:
A new and exciting opportunity has emerged for a Cyber Threat Intelligence Manager to work for a market-leading insurance company in London, building out a cyber threat intelligence function and providing technical reports and recommendations.
This position is open to a successful individual to work within a greenfield function, building their Cyber Threat Intelligence function from scratch and working very closely alongside the SOC and CIRT teams.
- Conduct a variety of threat intelligence activities, including deep-dive analysis from forensics and malware investigations and investigating potential security incidents.
- Ensure timely responses to all cyber incidents, minimising risk exposure and production downtime.
- Analyse and correlate incident data to develop a preliminary root cause and corresponding remediation strategy.
- Utilise incident response playbooks to follow established and repeatable processes for triaging and containment of an incident.
- Provide timely, comprehensive and accurate information to the key stakeholders in both written and verbal communications.
- Develop and update incident response playbooks and monitoring requirements to ensure response activities align with best practices, minimise gaps in response and provide comprehensive mitigation of threats.
Key Skills & Requirements:
- Previous experience of building a Cyber Threat Intelligence function from scratch.
- Extensive experience within both technical and strategic aspects of Cyber Threat Intelligence.
- Extensive knowledge of security-relevant data, such as network protocols, ports and common services, including TCP/IP protocols and application layer protocols (e.g., HTTP/S, DNS, FTP, SMTP).
- Knowledge of privilege escalation, persistence and lateral movement techniques.
- Knowledge of common malware and exploit tools and techniques.
- Information Technology experience with Windows OS platforms.
- Knowledge of Cloud security and incident response in a Cloud environment.
- Able to report technical details to non-technical personnel.
- Experience in developing and maintaining Threat Intelligence.