Dark Web Analyst - Monitoring (L1/L2 Support)

About Cyble:

Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India

Our mission:

At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary.

About the Role:

Dark Web Analyst

What You'll Do At CYBLE:

• Proactively discover, monitor, and triage underground forums, dark web marketplaces, instant messaging channels, and social media platforms to identify potential cybercrime or threat activities.
• Analyse potential cybercrime activities to detect serious threats and research emerging trends.
• Proactively track activities of financially motivated threat actors, state-backed threat actors and actors targeting a clientele or a prospect region.
• Conduct threat research to identify motivation, goals, targets, capabilities, and modus operandi (tactics, techniques, and procedures) of the cyber threat actors and groups using conventional and unconventional threat intelligence methods.
• Collate threat research findings and assessments into deliverables for dissemination of timely intelligence.
• Provide incident management and threat research support to clientele.
• Provide research and intelligence support with respect to internal and external ad-hoc requests.
• Collaborate with global teams for information exchange and joint research.

What You’ll Need:

Mandatory Work Requirements:

• Must be able to work during either Indian Standard Time or United States Time Zones – (Pacific Standard Time, Central Standard Time, Eastern Standard Time)
• Willing to work in rotating shifts and weekends to support 24x7 operations (Days-off during weekdays)

Skills and Qualifications Required:

• Excellent understanding of cyber security concepts, modern threat landscape and intelligence framework.
• Good knowledge in cybercrime methodologies and TTPs opted by the financially motivated and state sponsored threat actors and groups.
• Experience in cyber tradecraft and online persona management (sock puppets) for gathering closed sources information from the underground forums.
• Experience in open-source intelligence (OSINT) research.
• Experience in writing analytical and intelligence reports.
• Experience in handling investigations on the given artifacts or IoCs related to malicious campaigns such as phishing, ransomware, financial frauds.
• Experience in investigating and analysing suspicious IP addresses, domains, and malicious infrastructure.
• Hands-on experience in Maltego, Shodan, Google Earth, Whois, Search Engines, VirusTotal or other OSINT tools for relevant investigations.
• Good understanding of MITRE ATT&CK framework.
• Good understanding of operational security (OPSEC).
• Good in verbal communication and writing skills.
• Understanding of vulnerability assessment & penetration testing (VAPT) methods and red-teaming tools.
• A passionate individual, self-starter with ability to drive independent research.

Other Desirable Qualifications:

• Former experience in law enforcement operations, or experience in supporting intelligence operations.
• Credible cyber security certification (CompTIA Security+, CISSP, or equivalent) is a plus.

Optional Qualifications:

• Experience in malware research and reverse engineering.
• Understanding of geopolitical matters and intelligence aspects.
• Multilingual Proficiency – Mandarin/Spanish/French/Arabic.

If you like working in an inclusive environment, you want to advance your career quickly, and your opinion is valued, look no further than Cyble, Inc. We are young, hungry, and ready to impact the cyber security landscape!

Cyble, Inc. takes into consideration an individual’s skillset, experience and location in making final salary determination.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected Veteran status age, or genetics, or any other characteristic protected by law.