Job Description
Experience, education, skills, licensure, or training required:

Threat intelligence
- Key member of the first line of defense threat intelligence team
- Collect, process, and analyze threat information
- Manage the relationship with any external providers of threat intelligence
- Communicate threat intelligence to relevant stakeholders to support evidence-based decision making
- Support the firm's mission to build client trust and confidence regarding information security generally and threat intelligence specifically
- Stay abreast of industry best practices in relation to threat intelligence
- Knowledge of threat intelligence sources and analysis methodologies preferred
- Knowledge of information security standards (e.g., Cyber Essentials, ISF Standard of Good Practice for Information Security, ISO 27001, NIST Cybersecurity Framework, CIS Top 20 Controls)
- Maintain awareness of the cyber threat landscape and leverage automation to build better detection capabilities
- Analyze and validate the feasibility of exploits and their impact to Prime based on the difficulty of development/exploitation
- Recommend patching priorities and timelines based on proof of concepts (POCs), exploits, and the Nike threat landscape
- Identify, develop, and maintain access to non-standard intel sources

WHAT YOU BRING
- Bachelor's degree in Information Technology, Information Security/Assurance, Engineering, or related field of study
- Have 6-9 years of Cyber Threat Intelligence experience
- Experience in and understanding cyber threat modeling (e.g., STRIDE) to identify potential threats
- Experience in intelligence frameworks and collaboration platforms (MITRE ATT&CK, CAPEC, MISP, Malpedia, STIX)
- Expertise in honeypots/honeynets, canaries, and other active deception tools to identify network attacks
- Intimate knowledge about information security threat intelligence and thrive on the details of threat analysis, what's possible and what's not, how to determine what's relevant
- Excellent written and verbal communication skills required, communicate details in a clear, business relevant manner.
- Experienced in threat validation, incident response
- Working level knowledge of the following: Python, C, C++, Assembly language (ASM)
- Comfortable creating YARA rules for hunting purposes
- Has connections within the cyber threat intelligence community
- Customer-oriented focus.
- Take pride in being diligent and self-driven, ethics and ability to manage sensitive material are unquestionable