Job

Cyber Threat Intelligence Analyst

  • Job ref:

    1173436/001_1637596958

  • Location:

    Bristol, England

  • Sector:

    ICT

  • Job type:

    Permanent

  • Salary:

    £60 - £70 per annum + Company Benefits

  • Contact:

    Tom McParland

  • Email:

    tmcparland@cbsbutler.com

  • Published:

    16 days ago

  • Start date:

    ASAP

  • Consultant:

    Tom McParland

Cyber Threat Intelligence Analyst

Based in Bristol

The Opportunity

We are seeking to recruit an experienced Cyber Threat Intelligence analyst to join our growing team in Bristol. This is a great opportunity to join an expanding MSSP at an exciting time of development within the company.

Reporting to the Head of Incident Response, you will support and develop the delivery of our Threat Intelligence service. The service focuses on enhancing internal capabilities, conducting research and analysis into ongoing threats up to the campaign level, and delivering customer projects to a client base that spans a wide range of industries.

Working as part of a team, successful candidates will share our values and have an interest in working with the latest technologies to provide exceptional customer service in support of our clients.

The successful candidate will be helping to develop the Threat Intelligence capabilities, both operationally and through process improvement.

You will assist the monitoring team in keeping up to date with the latest trends in both attacker TTPs and software vulnerabilities that might affect our customers, provide assistance during incident response engagements, and deliver threat briefings and reports to both internal and external customers.

You will analyse alert data and trends to identify new or existing campaigns within our customers' networks.

What you will do

Responsibilities:

  • Support the generation of network- and host-based detection methods for our intelligence clients;

  • Dissect malware and document its capabilities;

  • Use static and dynamic analysis techniques to contribute to reporting and our knowledge base;

  • Suggest and develop tooling to improve analysis and collection capabilities;

  • Generate MITRE ATT&CK TTP mappings for analysed malware and campaigns;

  • Evaluate intelligence received from open and closed sources;

  • Create threat briefings that highlight the current threat landscape and the mitigations and countermeasures that can be used against each threat;

  • Provide support during ongoing incident response engagements;

  • Tailor threat briefings to the defined use cases;

  • Establish strong and sustainable working and sharing relationships with internal stakeholders and customers for operational reporting and intelligence handling;

  • Maintain a broad and current understanding of evolving threats and vulnerabilities so that, in conjunction with the CIRT, the integrity of monitored networks is maintained;

  • Provide SME input into ARCHANGEL™ business development opportunities as required, to help define potential improvements to the Service.

What we are looking for

  • SIEM and IDS experience

  • Eligible for UK SC clearance.

  • In-depth understanding of Cyber Threat Intelligence concepts, including MITRE ATT&CK and the Diamond Model.

  • Malware analysis experience; static, dynamic and sandbox style analysis

  • Experience of working within technically complex environments or on a project with multiple participants.

  • Ability to assimilate information, make decisions and communicate them to stakeholders.

  • Proven experience in Cyber Threat Intelligence. Relevant certifications (SANS, CREST, etc.) are welcome but not necessary.

  • Knowledge and understanding of up-to-date security threats and common exploits.

  • Understanding of the underlying protocols and data used as the basis for the security monitoring service, including HTTP, HTTPS, SQL, TCP/IP and Active Directory.

  • Knowledge of and experience working with security tools used to monitor business environments (SIEM, NetFlow, IDS/IPS, vulnerability management, advanced malware detection, EDR, antivirus, etc.).