I am looking to hire a Senior Cyber Threat Intelligence Analyst, on behalf of a Professional Services organisation to support a Global Threat Intelligence team for a London-based Client. You will be based remotely, but required on-site in London, once government guidelines allow. Reporting to the Head of Threat Intelligence, you will be expected to provide support in the following areas: Carry out technical research and intelligence analysis of threats relevant to the finance industry, business, and any related technologies. It is expected that you will have an awareness of industry trends and frameworks and how they could impact the business (threat actor groups,TTPs, intrusion activities, and geopolitical relevance).
You will be responsible for collecting, processing and broadcasting cyber threat intelligence from varying sources (open source reports, information sharing partners, and vendor reports to create actionable results for internal stakeholders). Coordinate and produce strategic and tactical intelligence products for business units, technical teams and executive stakeholders. Provide situational awareness on current threat landscape and maintain knowledge of adversary activities including TTPs to brief team members and senior decision leaders. Assess emerging threats against our operational environment and work in partnership with the security teams for mitigation/remediation.
Perform trend and correlation of cyber intelligence for recommendation-based countermeasures. Support and engage in incident response investigations and threat hunting activities. Conduct research to develop and refine quires in Splunk for the purpose of identifying malicious activity. Contribute to improving the process through identification of process gaps and improvement opportunities.
Skills/Experience: Minimum of 2 – 5 years relevant commercial experience in threat intelligence and cyber intelligence analysis. Subject matter expertise in nation-states linked to APT groups (particularly China, Russia, and North Korea) TTPs Experience with MITRE ATT&CK framework and Kill Chain Strong ability to convey complex technical and non-technical concepts Expert understanding the intelligence life-cycle Deep knowledge of analytical tradecraft, intelligence analysis, and writing techniques and methodologies, critical thinking skills, and open source intelligence gathering techniques Bachelor’s Degree in security studies, Intelligence Studies, International Relations, Economics, Computer Science, or related discipline Security certification such as SANS GIAC (or equivalent); ideally GCTI or working towards certification is desired. Any commercial experience with the Military/Government in cyber or threat intelligence would be highly advantageous Antrusion, network, or malware analysis skills and familiarity with associated tools, including Splunk, Wireshark, YARA and/or Snort, IDA Pro, Tanium, Threat Intelligence Platforms (TIPs) is also desirable Professional fluency (specifically reading) in a target foreign language; with preference for Chinese (Mandarin/Cantonese), Korean, Russian, Farsi, and/or Arabic. Please apply online with your CV.
Source: Cantonese Jobs | Indeed.co.uk