Remote
Cyber Threat Intelligence Analyst
Equiliem
United States, Illinois
Nov 22, 2024
We are seeking a skilled Cyber Threat Intelligence Analyst with hands-on experience in relevant areas such as threat hunting, purple teaming, security engineering, and/or incident response. If you're passionate about cybersecurity, proactive in identifying threats, and adept at engineering robust security solutions, we want to hear from you.
Key Responsibilities:
o Collect, analyze, and disseminate actionable threat intelligence from open sources, private feeds, and internal telemetry.
o Track threat actor activity, tactics, techniques, and procedures (TTPs) to assess potential risks to the organization.
o Develop and maintain threat intelligence reports, including analysis of relevant threat actors, CVEs, exploits, and malware.
o Conduct proactive threat hunts to identify malicious activity within the organization's environment.
o Develop and execute hunt hypotheses based on threat intelligence, behavioral analytics, and organizational risk.
o Utilize advanced tools such as EDR/XDR, SIEM, SOAR, and threat intelligence platforms (TIPs) to identify indicators of compromise (IOCs).
o Design, deploy, and/or manage technologies that support CTI, threat hunting, and purple team initiatives, such as MISP, OpenCTI, Vectr.io, and ServiceNow (SNOW) for CTI and purple teaming.
o Develop integrations between tools to enhance threat intelligence workflows and operational efficiency.
o Collaborate with other security and IT teams to enhance monitoring, detection, and response capabilities.
o Create and optimize security use cases, detection rules, and dashboards for continuous monitoring.

Required Qualifications:
* Bachelor's degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
* 3+ years of experience in cybersecurity roles, with a focus on threat intelligence, threat hunting, or security engineering.
* Hands-on experience with tools such as Splunk, ELK Stack, ThreatConnect, MISP, Anomali, or other threat intelligence platforms.
* Proficiency in scripting languages (e.g., Python, PowerShell) for automating tasks.
* Deep understanding of TTPs, the MITRE ATT&CK framework, and IOC analysis.
* Familiarity with vulnerability management processes and patching prioritization.
* Travel: occasional, based on issues, system requirements, training, etc.
Preferred Qualifications:
* Master's degree in a relevant field.
* Relevant certifications such as GCTI, CPTIA, CRTIA, CCTIA, GREM, OSCP, CEH, or CISSP.
* Experience with cloud security platforms and tools (e.g., AWS, Azure, GCP).
* Knowledge of reverse engineering or malware analysis.
* Experience deploying and managing CTI and purple team platforms such as Vectr.io, OpenCTI, MISP, Cortex, or ServiceNow.

Key Competencies:
* Strong analytical and problem-solving skills.
* Ability to work independently and within a team.
* Excellent communication skills, with the ability to translate technical findings into business-level context.
* Continuous learning mindset and adaptability to evolving threats and technologies.