Job
Description
Key Monitor and analyze threat intelligence using tools such as ZeroFox, Digital Shadows, or similar platforms. Write comprehensive and technical cybersecurity reports with strong attention to detail. Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering. Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux. Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP. Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel. Execute domain and social media account takedowns as necessary. Create custom, in-depth reports specific to client requirements. Apply knowledge of MITRE ATTCK, D3F3ND frameworks, and the Cyber Kill Chain in threat analysis. Utilize Excel and/or Power BI for data visualization and graph creation. Experience with excel data cleansing, VLookups, Pivot Tables Prepare and deliver PowerPoint presentations and reports to stakeholders. Maintain strong verbal and written communication skills in English. Work independently under pressure and prioritize tasks effectively. Be available for on-call duties for high-priority urgent tasks. Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing work. Qualifications Minimum of 3 years of experience with threat intelligence monitoring tools. At least 1 year of experience in threat intelligence report writing. Proficiency with OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search. Experience with scripting in Python, Azure, and Linux. Familiarity with one or more threat intelligence platforms for feed management. Experience integrating threat intelligence feeds into SIEMs, especially Microsoft Sentinel. Proven experience with domain and social media account takedowns. Strong understanding of MITRE ATTCK, D3F3ND frameworks, and the Cyber Kill Chain. Excellent English writing skills. Proficiency in Excel and/or Power BI for data visualization. Strong experience with PowerPoint presentations and reporting. Strong verbal English and presentation skills. Cybersecurity certifications (e.g., COMPTIA, SANS GIAC, ISC, EC-Council) are a plus. Certifications specific to cyber threat intelligence are an asset. Ability to work in the EST timezone (evening shift for overlap with onshore/client team ). Strong analytical skills and ability to prioritize tasks effectively. Experience working with MSSPs for backend and client-facing work. Preferred Skills Experience with additional threat intelligence platforms. Advanced technical writing and reporting skills. Strong analytical and problem-solving abilities. Ability to work independently and as part of a team. What we look for People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach.
