Threat Intel Analyst
IBM (Posted 22 Jun 22)
Your Role and Responsibilities
Introduction: Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant/Threat Intel Analyst, you will be a key advisor for IBM’s clients, analysing business requirements to design and implement the best security solutions for their needs. You will apply your skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Role and Responsibilities (Internal Facing Only)
Recognize, research, and analyse various threat actor groups/attack patterns, tactics, techniques and procedures (TTPs).
Analyse threats across the enterprise by combining security rules, content, policy and relevant datasets.
Demonstrate systems thinking; synthesize and communicate complex topics (such as threat intelligence through the intelligence process).
Conduct cyber threat modelling to improve threat detection & mitigation.
Collaborate in a virtual team and interface with stakeholders in the SOC, Threat Hunt, Incident Response, Platform, Red Teams and Business Information Security Officers.
Co-ordinate with other security focal points during an active incident.
Define Priority Intelligence Requirements.
Answer Priority Intelligence Requirements by defining open-source monitoring and detection rules.
Disseminate intelligence based upon tactical, technical or strategic needs.
Execute the Intelligence team’s collection plan.
Produce and disseminate intelligence products to stakeholders.
Participate in Cyber Intelligence Preparation of the Battlefield (IPB) exercises.
Prepare and brief CISO leadership on the cyber threat landscape.
Required Technical and Professional Expertise
2 years’ experience working with a SOAR (e.g. ThreatConnect)
2 years’ experience with threat models such as Kill Chain or MITRE ATT&CK
2 years’ experience in executing the Intelligence cycle from planning to dissemination
Knowledge of security controls and how they can be monitored and thwarted
Knowledge of network forensics: network traffic protocols, traffic analysis (e.g. network flows and PCAP), intrusion detection
Knowledge of query structures such as regular expressions or YARA
Basic knowledge of scripting languages such as Bash, Python and PowerShell
Understanding of OSI layers
Strong communication skills, both written and verbal