We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
Remote

Cyber Threat Intelligence Analyst

Equiliem
United States, Illinois
Nov 22, 2024
We are seeking a skilled Cyber Threat Intelligence Analyst with hands-on experience in relevant areas such as threat hunting, purple teaming, security engineering, and/or incident response. If you're passionate about cybersecurity, proactive in identifying threats, and adept at engineering robust security solutions, we want to hear from you.

Key Responsibilities:

o Collect, analyze, and disseminate actionable threat intelligence from open sources, private feeds, and internal telemetry.

o Track threat actor activity, tactics, techniques, and procedures (TTPs) to assess potential risks to the organization.

o Develop and maintain threat intelligence reports, including analysis of relevant threat actors, CVEs, exploits, and malware.

o Conduct proactive threat hunts to identify malicious activity within the organization's environment.

o Develop and execute hypotheses based on threat intelligence, behavioral analytics, and organizational risk.

o Utilize advanced tools such as EDR/XDR, SIEM, SOAR, and threat intelligence platforms (TIPs) to identify indicators of compromise (IOCs).

o Design, deploy, and/or manage technologies that support CTI, threat hunting, and purple team initiatives such as MISP, OpenCTI, Vectr.io, and ServiceNow (SNOW) for CTI and purple teaming.

o Develop integrations between tools to enhance threat intelligence workflows and operational efficiency.

o Collaborate with other security and IT teams to enhance monitoring, detection, and response capabilities.

o Create and optimize security use cases, rules, and dashboards for continuous monitoring.

Required Qualifications:

* Bachelor's degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).

* 3+ years of experience in cybersecurity roles, with a focus on threat intelligence, threat hunting, or security engineering.

* Hands-on experience with tools such as Splunk, ELK Stack, ThreatConnect, MISP, Anomali, or other threat intelligence platforms.

* Proficiency in scripting languages (e.g., Python, PowerShell) for automating tasks.

* Deep understanding of TTPs, MITRE Telecommunication&CK framework, and IOC analysis.

* Familiarity with vulnerability management processes and patching prioritization.

* Travel - Occasional, based on issues, system requirements, training, etc.

Preferred Qualifications:

* Master's degree in a relevant field.

* Relevant certifications such as GCTI, CPTIA, CRTIA, CCTIA, GREM, OSCP, CEH, or CISSP.

* Experience with cloud security platforms and tools (e.g., AWS, Azure, GCP).

* Knowledge of reverse engineering or malware analysis.

* Experience deploying and managing CTI and purple team platforms such as Vectr.io, OpenCTI, MISP, Cortex, or ServiceNow.

Key Competencies:

* Strong analytical and problem-solving skills.

* Ability to work independently and within a team.

* Excellent communication skills, with the ability to translate technical findings into business-level context.

* Continuous learning mindset and adaptability to evolving threats and technologies.
Applied = 0

(web-5584d87848-99x5x)