Morgan McKinley is partnering with a leading financial services client in recruiting for a Senior Analyst as part of a Global Cyber Threat Intelligence team
Key Responsibilities
Lead the research, development and implementation of detection rules based on a solid understanding of Cyber adversary TTPs (tactics, techniques and procedures).
Maintain comprehensive threat actor profiles for priority threat groups.
Assist with all aspects of threat intelligence management, including setting PIRs (Priority Intelligence Requirements), collection planning and capability development.
Triage, investigate and remediate threat intelligence-derived security events.
Mentor and develop cyber threat intelligence analysts.
Partner with other Security Operations teams and the wider Cyber Security teams to conduct threat intelligence-derived investigations.
Identify and evaluate new sources of intelligence, and integrate them into monitoring technologies.
Develop critical intelligence partnerships to develop and curate high-quality threat analysis and indicators.
Perform cyber threat intelligence activities across the intelligence lifecycle, maintaining a standard of the highest quality and confidentiality across multiple geographies.
Stay up to date with current vulnerabilities, attacks, and countermeasures.
Technical / job functional knowledge
Significant knowledge and experience of researching and tracking Cyber threat actors, their tools, techniques and procedures and direct experience of emerging threats across the threat landscape.
Excellent grasp of current geo-political environment and influencing factor on the Cyber threat environment.
Background in collecting, analysing, and interpreting data from various sources, detailing the results and preparing substantial analysis products.
Direct experience using open-source intelligence techniques and platforms.
Hands-on experience with common Threat Intelligence Platforms (TIP) and curation of technical intelligence content.
Practical experience of malware analysis, digital forensics or threat hunting.
Demonstrable working knowledge of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware.
Experience in security event analysis and triage, incident handling and root-cause identification.