£60 - £70 per annum + Company Benefits
10 months ago
Cyber Threat Inteligence Analyst
Based in Bristol
Seeking to recruit an experienced Cyber Threat Intel analyst to join our growing team in Bristol. This is a great opportunity to join a growing MSSP at an exciting time of development within the company.
Reporting to the Head of Incident Response you will be supporting and developing the delivery of our Threat Intelligence service, which will focus on enhancing internal capabilities, conducting research and analysis into ongoing threats up to the campaign level and customer projects to a client-base that spans a wide range of different industries.
Working as part of a team, successful candidates will share our values and have an interest in working with the latest technologies to provide exceptional customer service in support of our clients.
The successful candidate will be helping to develop the Threat Intelligence capabilities, both operationally and through process improvement.
Assist the monitoring team in keeping up to date the latest trends both attacker TTPs and software vulnerabilities which might affect our customers, provide assistance in incident response engagements, provide threat briefings and reports to both our internal and external customers.
Analyse data of alerts and trends to identify new or existing campaigns within our customers network.
What you will do
Support the generation of network and host based detection methods for our intelligence clients;
Dissect malware and document its capabilities;
Use static and dynamic analysis techniques to contribute to reporting and our knowledge base;
Suggest and develop tooling to improve analysis and collection capabilities;
Generate Mitre TTP's for analysed malware and campaigns;
Evaluating intelligence received from open and closed sources
Creating threat briefings to highlight the current threat landscape and highlighting mitigations and counter measures which can be used against the threat
Provide support during ongoing incident response engagements
Tailor threat briefings to the defined use cases
Establish strong and sustainable working and sharing relationships with internal Stakeholders and Customers for operational reporting and Intelligence Handling
Maintain a broad and current understanding of evolving threats and vulnerabilities to ensure the integrity of monitored networks is maintained in conjunction with the CIRT
Provide SME input into ARCHANGEL™ business development opportunities as required in order to help define potential improvements to the Service
What we are looking for
SIEM and IDS experience
Be able to be cleared to UK SC.
In-depth understanding of Cyber Threat Intelligence concepts; Mitre Att&ck and Diamond model
Malware analysis experience; static, dynamic and sandbox style analysis
Experience of working within technically complex environments or on a project with multiple participants.
Ability to assimilate information, take decisions and communicate to stakeholders.
Proven experience in Cyber Threat Intelligence relevant certifications are welcome but not necessary (sans, crest, etc)
Knowledge and understanding of up to date security threats and common exploits Understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory
Knowledge and experience working with security tools used to monitor business environments (SIEM, netflow, IDS/IPS, Vulnerability Management, Advanced malware detection, EDR, AntiVirus etc).