Cyber Threat Intelligence Specialist
A Global Insurance client of mine is looking for an experienced technical Cyber Threat Intelligence Specialist to help build out their newly formed CTI function, leading the collection, analysis and investigation of open source intelligence on security threats, vulnerabilities and malware samples.
This is an excellent opportunity for a Cyber Threat Intelligence Specialist to work directly alongside the Head of CTI in creating a best-in-class threat intelligence capability, whilst interacting and collaborating with other industry experts in knowledge-sharing groups and initiatives.
- Perform open source intelligence gathering and analysis, identifying indicators of cyber threats, malicious code and vulnerabilities.
- Perform advanced investigations into potential security incidents, including cyber forensic investigations, malware analysis and other cyber incident response activities.
- Produce reports on cyber threats, attacks and incidents of interest to the company.
- Engage with cyber threat intelligence vendors, partners, forums, agencies and peer companies, serving as the Cyber Threat Intelligence SME representing the company.
- Produce timely, accurate and comprehensive information for key stakeholders in the business, in both written and verbal form, translating technical concepts into business risks.
Key Skills & Requirements
- Experience analysing malware, hacking tools and threat actor tactics, techniques and procedures (TTPs) in order to characterise the technical methods threat actors use to accomplish their aims.
- Experience developing and maintaining threat intelligence, reviewing information to determine its significance, validating its accuracy and assessing its reliability.
- Strong knowledge of industry-recognised frameworks: the Cyber Kill Chain, MITRE ATT&CK, NIST, the Diamond Model, etc.
- Experience performing packet capture analysis, with knowledge of packet flows, TCP and UDP traffic, IDS/IPS and other security monitoring and investigative toolsets.
- Strong working knowledge of security and networking fundamentals, including network protocols and ports, the TCP/IP suite and application-layer protocols.
- Experience working in a global team environment.
- Knowledge of cloud security and incident response in a cloud environment.