Threat Intel Analyst

IBM (Posted 22 Jun 22)

Your Role and Responsibilities

Introduction: Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant/Threat Intel Analyst, you will be a key advisor for IBM’s clients, analysing business requirements to design and implement the best security solutions for their needs. You will apply your skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Role and Responsibilities (Internal Facing Only)

  • Recognize, research, and analyse various threat actor groups/attack patterns, tactics, techniques and procedures (TTPs).

  • Analyse threats across the enterprise by combining security rules, content, policy and relevant datasets.

  • Demonstrate systems thinking; synthesize and communicate complex topics (such as threat intelligence through the intelligence process).

  • Conduct cyber threat modelling to improve threat detection & mitigation.

  • Collaborate in a virtual team and interface with stakeholders in the SOC, Threat Hunt, Incident Response, Platform, Red Teams and Business Information Security Officers.

  • Co-ordinate with other security focal points during an active incident.

  • Define Priority Intelligence Requirements.

  • Answer Priority Intelligence Requirements by defining open-source monitoring and detection rules.

  • Disseminate intelligence based upon tactical, technical or strategic needs.

  • Execute the Intelligence team’s collection plan.

  • Produce and disseminate intelligence products to stakeholders.

  • Participate in Cyber Intelligence Preparation of the Battlefield (IPB) exercises.

  • Prepare and brief CISO leadership on the cyber threat landscape.

Required Technical and Professional Expertise

  • 2 years’ experience working with a SOAR (i.e. ThreatConnect)

  • 2 years’ experience with threat models such as Kill Chain or MITRE ATT&CK

  • 2 years’ experience in executing the Intelligence cycle from planning to dissemination

  • Knowledge of security controls, how they can be monitored and thwarted

  • Knowledge of network forensics: network traffic protocols, traffic analysis (i.e. network flows and PCAP), intrusion detection

  • Knowledge of query structures such as regular expressions or YARA

  • Basic knowledge of scripting languages like Bash, Python and PowerShell, etc.

  • Understanding of OSI layers

  • Strong communication skills, both written and verbal
