Cyber Threat Intelligence Analyst

Aon
  • Location
    New York, New York
  • Sector
    Commercial
  • Experience
    Early Career / Mid Career
  • Posted
    Nov 17

Position description

The ideal candidate will exhibit a proven capacity for identifying, collecting and analyzing multiple cyber threat intelligence sources to produce vetted intelligence products for a diverse group of clients.

The position requires a deep understanding of various elements of cyber threat intelligence tradecraft, especially its technical, socio-behavioral and geopolitical dimensions. In particular, this role will focus heavily on online research of the open, deep and dark web, as well as identifying cyber intelligence trends across multiple geographies and industries. Members of the Threat Intelligence team will work together and liaise with analysts, investigators, and engineers across adjacent teams, including, but not limited to, Incident Response, Digital Forensics, Pentest/Red Teams, Investigative Research and other internal stakeholders.

Core Responsibilities 

  • Collect data from open sources and the deep/dark web to analyze technical data such as attacker TTPs, security anomalies and unique malware attributes. Pivot to related activity or information that could inform other defensive, mitigation or hardening efforts.
  • Identify, investigate and analyze significant cyber events and breach trends
  • Communicate technical details in a clear, comprehensible manner to team members and clients
  • Generate oral briefings, raw intelligence reports and finished intelligence products utilizing accepted analytic tradecraft standards
  • Utilize a variety of tools, data-sources, platforms and applications commonly leveraged in cyber intelligence collection and analysis
  • Evaluate intelligence feeds and recommend modifications or new feeds as necessary
  • Provide consultation and input to internal efforts to develop advanced tools, techniques and procedures to help mitigate risks to consulting clients

Required Analytic & Technical Skills

  • Competence in deep/dark web research and operational security
  • Experience with methods, sources, tools and subject-matter pertaining to all-source cyber threat intelligence collection and analysis
  • Proficiency in methods and techniques related to actor profiling, social network analysis and graph theory
  • Familiarity with data-mining techniques and tools
  • Knowledge of diverse standards and taxonomies related to cyber threat intelligence

Qualifications

  • Candidates with CREST Certified Threat Intelligence Analyst or Manager certifications are strongly urged to apply
  • Proven history of innovative research capability in red teaming, malware analysis or reverse engineering
  • One or more years of experience in network/system administration or working in a security operations center environment
  • Familiarity with STIX, TAXII, and JSON
  • Ability and interest to learn other new skills as required, including database technologies and new scripting and programming languages (i.e. C, Python)
  • Preference for fluency in foreign languages (i.e. Russian, Mandarin, Arabic, Farsi, Italian or German)

Work Experience 

  • Two or more years of experience conducting cyber intelligence analysis or cyber security engineering in the private sector, consulting or government/military/law enforcement sectors
  • Experience researching regional cyber security issues (i.e. Asia, Russia, Middle East)

Education:

  • BA/BSc or higher degree in Computer Science, Cyber Security, Data Analytics, Political Science, International Relations or social sciences preferred. Exceptions can be made for candidates exhibiting comparable experience and ability

Application instructions

Please be sure to indicate that you saw this position on Globaljobs.org