Senior Cyber Threat Intelligence Analyst - Dublin
Posted on Oct 31, 2020 by E-Frontiers
- An experienced Senior or Lead Cyber Threat Intelligence Analyst with at least seven years' direct, operational experience
- Direct and detailed understanding and experience with numerous types of information security incidents, attacks, and events.
- Previous direct use of CTI methodologies such as investigative pivoting models, investigative frameworks, as well as MITRE ATT&CK, and the Extended Cyber Kill Chain.
- Ideally have previous experience writing and using scripted tooling in support of intelligence collection.
- Familiarity with major cognitive bias types, and the ability to identify those cognitive biases when researching.
- Previous experience with competing hypothesis theory, and use of different tools to score those hypotheses.
- A demonstrated ability to analyse, evaluate, and contextualise sets of information, using analytical techniques and common industry tooling.
- Experience in open source collection, use of online tools, and querying internal databases of information in support of investigative efforts.
- Professional experience writing short and long form reporting to a specified, technical writing style.
- A high level of professionalism, focus, and emotional maturity.
- Prior employment in a SOC/Operations Centre, or experience with Incident Response, network intrusion, pen-testing, malware analysis, or other related Information Security functions would be preferred.
- Experience mapping, tracking and/or threat hunting
- Detailed understanding of the Threat Landscape, ideally from a financial services perspective
- Ideally exposure to and experience with MISP, VT, Maltego, PassiveTotal and DomainTools
Training and Qualifications
- Ideally completed the DIAC/DIAM/GIAC course or other advanced analytical techniques training.
- Ideally OSIRIS or similar Open Source intelligence or Social Media analysis training.
- SANS, GIAC, Crest or other Threat Intelligence accreditations are also highly desirable.
- Strong communicator with experience of taking complex technical findings and translating them into clear business impact.
- Previous work on threat intelligence engagements such as TIBER, CBEST, iCAST etc. could be an advantage
- Knowledge of Scripting or coding languages such as SQL, Python, Java, C++, or another.
- Experience with Threat Intelligence Platforms such as MISP or OpenCTI.