HAWKEYE - DTS Solution
Role and Responsibilities
- Work as a Cyber Threat Intel Analyst in DTS Solution – HawkEye CSOC cyber command center.
- Analyze and research known indicators, correlate events, identify malicious activity, and discover new sources to provide early warning related to a variety of Cyber threats.
- Monitor Open Source information feeds and threat actor activity to identify activity levels and indicators for Cyber threats and Cyber-attacks.
- Identify Open Source Intelligence (OSINT) threats relevant to the DTS Solution – HawkEye CSOC customer’s environment and develop relevant reports.
- Provide daily (business day) collections, reviews, analysis and filtering of Open Source Intelligence (OSINT) and SOCMINT (Social Media Intelligence)
- Identify and investigate malicious actors with the interest and capability to target client and its infrastructure.
- Develop and provide a Cyber Threat Intelligence Report, Monthly Report and Quarterly Report and an Annual Report.
- Reviews all current threat intelligence feeds in use, categorizes and prioritizes by relevancy.
- Provide proactive APT hunting, incident response support, and advanced analytic capabilities.
- Analyze threat information reports and intelligence summaries, trends, gaps, and methods of operation.
- Review audit logs and identify any unusual or suspect behavior.
- Initiates ad-hoc threat intelligence work parcel assignments for Tier I/II analysts and reviews/expands the SOC daily recurring activity SOP’s.
- Develops reports that can be sent for awareness to various groups and levels of leadership.
- Engage constructively in cross-functional projects designed to improve DTS Solution – HawkEye CSOC and its customers’ security postures.
- Understanding of geo-political dynamics and how they affect the wider cyber threat landscape.
- Experience using Cyber Kill Chain.
- Expertise on in using Threat Intelligence Platforms (Recorded Future, Flashpoint, Blueliv, Anomali, ThreatIQ etc.)
- Expertise in using Digital Risk Management platforms that looks for dark web activities, breaches,
- Have a curated list of important threat intel fusion across various sources
- Knowledge on dark web and accessing dark web forums, IRCs, chat groups etc.
- Knowledge on APT groups and monitoring all activities through handlers
- Curate newsletter and social media weekly posts based on weekly activities in the cyberspace.
- 4+ years of experience on extract and disseminate open source intelligence (OSINT)
- Regional expertise as applied to threat actors
- Familiarity with alternative analysis techniques and predictive analysis methodology
- Experience with conducting intelligence investigations and familiarity with investigative tools, including Maltego, DomainTools, and VirusTotal
- Familiarity with Threat Rating Methodology
- Experience using Threat Intelligence Platforms (TIPs)
- Active memberships with associations across the security and intelligence community
- Certified Ethical Hacker (CEH)
- SANS Certified Intrusion Analyst (GCIA)
- SANS Certified Cyber Threat Intelligence GCTI
To apply for this job email your details to firstname.lastname@example.org