Job Description

JD for Cyber Threat Intelligence.
Role name: Developer
Role Description: Ability to communicate intelligence and analysis of cyber threats in various forms (written production; briefings) for a senior-level audienceo GCTI, or equivalent experience with: o common frameworks used for threat intelligence (e.g. Kill Chain, Diamond Model, MITRE Telecommunication&CK).o adversarial TTPs within the context of the Cyber Kill Chain, Diamond Model Intrusion Analysis, MITRE Telecommunication&CK methodologies, or equivalent o Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threatso Expert understanding of cyber threat intelligence concepts and processes.o Expert ability to analyze cyber threat activity and develop relevant recommendations.o Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sourceso Strong knowledge of networking concepts o Threat Client Platform (TIP) experience - Anomali, Recorded Futures, Threat Connect or other TIP experienceo Strong knowledge with enterprise logging/SIEM solutions (e.g. Splunk), intelligence and analysis tools (e.g. Maltego), Threat Intelligence Platforms/TIP (e.g. Anomali), security orchestration tools (XSAOR) and OSINT aggregatorso Strong knowledge of the Mitre Telecommunication&ck Frameworko Familiarity with Recorded Future, RiskIQ, IDS/IPS, and load balancing technologieso Familiarity with cloud solutions (e.g. Azure, AWS, etc.)o Familiarity with malware analysis and network-based forensics tools o Preferred:o Hold SANS GCTI Certificationo Strong knowledge of STIX/TAXIIo Familiarity with cyber threats targeting the US financial sector (Nation States, Cybercrime, Hacktivists, etc.) and their associated TTPs. /Duties:o Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of internal and external data.o Identify intelligence gaps and submit requests for information to fill gapso Identify emerging threats effecting the financial services industry and develop analytical threat modelso Conduct briefings as needed for a variety of levels of internal customers as requested o Work closely with functional senior leaders to ensure threat intelligence analysis and products are mapped to prioritized corporate assets and riskso Work in coordination with external entities such as ISACs, law enforcement, the intelligence community, and other government agencieso Prioritize, categorize, and respond to requests for information from internal customerso Perform threat hunting based on emerging threatso Perform retro hunting based on known threat actor IOCso Conduct threat analysis to determine gaps in the company's security posture based on current and merging threatso Provide finished intelligence analysis to internal customers through written reportingo Work with business units to develop security priorities/needso Work with various teams to develop alerting rule
Competencies: Cyber threat Intelligence, Cyber Security - GRC - Data Security
Experience (Years): 4-6