Job Description

CTI & Brand Protection (Shadowmap)

• Collect, analyze, and evaluate information from various sources to identify and understand potential cyber threats, including indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and emerging vulnerabilities.
• Conduct in-depth research and analysis of threat actors, campaigns, and their motivations, providing insights into their methodologies, capabilities, and intent.
• Collaborate with internal teams and external partners to gather and validate intelligence, ensuring accuracy, relevance, and timeliness of threat information.
• Design, implement, and manage the infrastructure and tools necessary for effective cyber threat intelligence collection, analysis, and dissemination.
• Develop and maintain automated systems for threat data ingestion, enrichment, and correlation, leveraging APIs, threat feeds, and open-source intelligence (OSINT) sources.
• Implement and optimize threat intelligence platforms, such as threat intelligence management systems (TMS), threat intelligence platforms (TIP), and security information and event management (SIEM) solutions.
• Collaborate with the incident response team to provide timely and accurate threat intelligence during security incidents, aiding in containment, eradication, and recovery efforts.
• Contribute to the creation and refinement of threat hunting methodologies to proactively identify and neutralize threats.
• Produce concise and actionable threat intelligence reports, briefings, and presentations for various stakeholders, including executive leadership, technical teams, and external partners.
• Stay abreast of the latest cyber threat trends, attack vectors, and evolving techniques through industry forums, conferences, and professional networks.
• Share knowledge and expertise within the organization through training sessions, workshops, and technical documentation.
• Develop and execute comprehensive brand protection strategies to prevent and mitigate risks related to counterfeiting, trademark infringement, and unauthorized use of our brand assets.
• Conduct regular assessments to identify vulnerabilities and emerging threats to our brand, analyzing market trends, competitor activities, and customer feedback.
• Collaborate with cross-functional teams, including legal, marketing, and product development, to align brand protection efforts with overall business goals.
• Implement and maintain online brand monitoring tools and services to identify instances of brand abuse, counterfeit products, unauthorized resellers, and trademark infringements.
• Monitor online marketplaces, social media platforms, websites, and digital advertising channels for unauthorized use of our brand and intellectual property.
• Take proactive measures to enforce our brand rights, such as issuing takedown notices, cease-and-desist letters, and collaborating with legal authorities when necessary.
• Conduct investigations and intelligence gathering to identify the sources, networks, and individuals involved in brand abuse activities.
• Collect and analyze evidence to build cases against counterfeiters, infringers, and unauthorized sellers, supporting legal actions and law enforcement engagement.
• Stay updated on emerging trends and tactics used by infringers, leveraging market intelligence and collaborating with industry partners to strengthen brand protection measures.
• Prepare regular reports and metrics on brand protection activities, highlighting key findings, enforcement actions, and the effectiveness of brand protection initiatives.
• Utilize data and analytics to identify trends, patterns, and areas of improvement, making recommendations for enhancing brand protection strategies.

• Bachelor\'s degree in computer science, Information Security, or a related field (or equivalent experience).
• Proven experience as a SIEM Platform Administrator or similar role.
• In-depth knowledge of SIEM concepts, architecture, and best practices.
• Proficiency in managing and administering leading SIEM platforms, such as Splunk, ArcSight, or QRadar.
• Strong understanding of network protocols, security technologies, and log formats.
• Experience with incident detection and response methodologies.
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation and data manipulation.
• Excellent analytical and problem-solving skills.
• Strong communication and collaboration abilities.
• Relevant certifications (e.g., Splunk Certified Administrator, CISSP) are a plus.