Job
Description
About The Role Analyze cyber threat data from multiple sources including open-source intelligence (OSINT), internal network logs, threat feeds, and commercial threat intelligence platforms Perform the intelligence capitalization within the Group owned Threat Intelligence Platform Leverage Threat Intelligence Platforms, SIEM tools, and other security technologies to automate the collection, analysis, and dissemination of threat intelligence. Use threat modeling techniques to anticipate and prioritize potential risks based on evolving cyber threat trends. Assist with risk assessments, vulnerability management, and penetration testing efforts by providing insights into possible threat actor targeting and attack vectors. Investigate Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and malware samples to identify emerging threats and vulnerabilities. Correlate threat data with internal logs, threat intelligence platforms, and external sources to build comprehensive threat profiles. Provide technical threat intelligence support during active security incidents, including assisting in the identification of malicious activity, threat actor attribution, and incident containment. Work closely with the Incident Response & Threat hunting team to analyze and track threat actors, their tactics, and attack methods. Participate to the tools PoC used/expected by the Team and regularly look for their relevancy given the evolution of the Group needs Apply the Business Continuity Plan for the Group Cyber Threat Intelligence Team Ensure that the SLAs are not breached Primary Skills Experience in a Cyber Threat Intelligence or related cybersecurity role (e.g., SOC Analyst, Security Researcher, Incident Responder) would be appreciated. Familiarity with open-source intelligence (OSINT) & Social Media Intelligence (SOCMINT) tools and techniques Understanding of cyber threat landscape, advanced persistent threats (APTs), and attack methodologies (e.g., MITRE ATT&CK framework). General Intelligence knowledge know the processes related to the intelligence, the confidentiality and the intelligence cycle Knowledge about intelligence capitalization, associations, and correlation Familiarity with threat intelligence platforms (e.g., OpenCTI, ThreatConnect, Anomali, MISP). Familiarity with security tools like SIEM (Splunk, QRadar) and endpoint security would be appreciated.
