Cyber Threat Intelligence Analyst

Role and Responsibilities

• Work as a Cyber Threat Intel Analyst in DTS Solution – HawkEye CSOC cyber command center.
• Analyze and research known indicators, correlate events, identify malicious activity, and discover new sources to provide early warning related to a variety of Cyber threats.
• Monitor Open Source information feeds and threat actor activity to identify activity levels and indicators for Cyber threats and Cyber-attacks.
• Identify Open Source Intelligence (OSINT) threats relevant to the DTS Solution – HawkEye CSOC customer’s environment and develop relevant reports.
• Provide daily (business day) collections, reviews, analysis and filtering of Open Source Intelligence (OSINT) and SOCMINT (Social Media Intelligence)
• Identify and investigate malicious actors with the interest and capability to target client and its infrastructure.
• Develop and provide a Cyber Threat Intelligence Report, Monthly Report and Quarterly Report and an Annual Report.
• Reviews all current threat intelligence feeds in use, categorizes and prioritizes by relevancy.
• Provide proactive APT hunting, incident response support, and advanced analytic capabilities.
• Analyze threat information reports and intelligence summaries, trends, gaps, and methods of operation.
• Review audit logs and identify any unusual or suspect behavior.
• Initiates ad-hoc threat intelligence work parcel assignments for Tier I/II analysts and reviews/expands the SOC daily recurring activity SOP’s.
• Develops reports that can be sent for awareness to various groups and levels of leadership.
• Engage constructively in cross-functional projects designed to improve DTS Solution – HawkEye CSOC and its customers’ security postures.
• Understanding of geo-political dynamics and how they affect the wider cyber threat landscape.
• Experience using Cyber Kill Chain.
• Expertise on in using Threat Intelligence Platforms (Recorded Future, Flashpoint, Blueliv, Anomali, ThreatIQ etc.)
• Expertise in using Digital Risk Management platforms that looks for dark web activities, breaches,
• Have a curated list of important threat intel fusion across various sources
• Knowledge on dark web and accessing dark web forums, IRCs, chat groups etc.
• Knowledge on APT groups and monitoring all activities through handlers
• Curate newsletter and social media weekly posts based on weekly activities in the cyberspace.

Qualification

• 4+ years of experience on extract and disseminate open source intelligence (OSINT)
• Regional expertise as applied to threat actors
• Familiarity with alternative analysis techniques and predictive analysis methodology
• Experience with conducting intelligence investigations and familiarity with investigative tools, including Maltego, DomainTools, and VirusTotal
• Familiarity with Threat Rating Methodology
• Experience using Threat Intelligence Platforms (TIPs)
• Active memberships with associations across the security and intelligence community

Certifications

• Certified Ethical Hacker (CEH)
• SANS Certified Intrusion Analyst (GCIA)
• SANS Certified Cyber Threat Intelligence GCTI