Cyber Threat Intelligence

Diverse Lynx

  • Andhra Pradesh Hyderabad, Telangana
  • Permanent
  • Full-time
  • 2 months ago
JD for Cyber Threat Intelligence.
Role name: Developer
Role Description:
  • Ability to communicate intelligence and analysis of cyber threats in various forms (written production; briefings) for a senior-level audience
  • GCTI, or equivalent experience with:
      • common frameworks used for threat intelligence (e.g. Kill Chain, Diamond Model, MITRE ATT&CK)
      • adversarial TTPs within the context of the Cyber Kill Chain, Diamond Model Intrusion Analysis, MITRE ATT&CK methodologies, or equivalent
  • Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate an understanding of current and developing cyber threats
  • Expert understanding of cyber threat intelligence concepts and processes
  • Expert ability to analyze cyber threat activity and develop relevant recommendations
  • Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources
  • Strong knowledge of networking concepts
  • Threat Intelligence Platform (TIP) experience – Anomali, Recorded Future, ThreatConnect or other TIP experience
  • Strong knowledge of enterprise logging/SIEM solutions (e.g. Splunk), intelligence and analysis tools (e.g. Maltego), Threat Intelligence Platforms/TIP (e.g. Anomali), security orchestration tools (XSOAR) and OSINT aggregators
  • Strong knowledge of the MITRE ATT&CK Framework
  • Familiarity with Recorded Future, RiskIQ, IDS/IPS, and load balancing technologies
  • Familiarity with cloud solutions (e.g. Azure, AWS, etc.)
  • Familiarity with malware analysis and network-based forensics tools
  • Preferred:
      • Hold SANS GCTI Certification
      • Strong knowledge of STIX/TAXII
      • Familiarity with cyber threats targeting the US financial sector (Nation States, Cybercrime, Hacktivists, etc.) and their associated TTPs
Job Description/Duties:
  • Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of internal and external data
  • Identify intelligence gaps and submit requests for information to fill gaps
  • Identify emerging threats affecting the financial services industry and develop analytical threat models
  • Conduct briefings as needed for a variety of levels of internal customers as requested
  • Work closely with functional senior leaders to ensure threat intelligence analysis and products are mapped to prioritized corporate assets and risks
  • Work in coordination with external entities such as ISACs, law enforcement, the intelligence community, and other government agencies
  • Prioritize, categorize, and respond to requests for information from internal customers
  • Perform threat hunting based on emerging threats
  • Perform retro hunting based on known threat actor IOCs
  • Conduct threat analysis to determine gaps in the company's security posture based on current and emerging threats
  • Provide finished intelligence analysis to internal customers through written reporting
  • Work with business units to develop security priorities/needs
  • Work with various teams to develop alerting rule
Competencies: Cyber threat Intelligence, Cyber Security - GRC - Data Security
Experience (Years): 4-6
