The Threat Intel Analyst will play a key role in identification, interpretation, transformation, and dissemination of threat intelligence crucial to protect. Collaborate with business and functional teams, develop detailed plans and accurate estimates for completion of build, system testing and implementation phases of project.
- Monitor daily intelligence operations feeds and take responsibility for the identification, analysis, processing, and distribution of intelligence related to threats and vulnerabilities
- Develop and produce written tactical and strategic intelligence reports including data from intrusions, lateral movement, malware, DDoS, and unauthorized access.
- Strong experience analyzing and synthesizing actionable threat intelligence via open-source tools.
- Ability to identify, create, execute, and adjust standard operating procedures for day-to-day operations.
- Development and maintenance of detection scripts, rules, and signatures: Suricata, SIEM alerts, and host-based intrusion detection signatures (Windows, Linux, Firewall, VPN, Proxy, Apache, IIS)
- Respond to high-priority requests for information/intelligence
- Support incident investigations
- Research and document exploitation tools and threat actor tactics for use by incident responders.
The must-have skill sets
- Experience performing threat intelligence activities
- Working knowledge of network monitoring and network exploitation techniques, forensics, and intrusion detection
- Intimate knowledge of the MITRE ATT&CK Framework, Cyber Kill Chain, Diamond Model of Intrusion Analysis, or other relevant network defense and intelligence frameworks
- Ability to demonstrate analytical expertise, attention to detail, and critical thinking. Ability to apply structured analytic techniques to complex problems
- Experience working with a SIEM with varied log sources to research events
- Expertise with Sysmon and Linux audit events
- Knowledge of one or more scripting languages for automation and complex searches
Qualification (Not Mandatory)
- Ability to work independently and manage multiple task assignments.
- Strong oral and written communication skills.
- Strong problem solving and troubleshooting skills with the ability to exercise mature judgment.
Equal employment opportunity
Rezilyens is an equal opportunity employer and is dedicated to fostering an inclusive and diverse environment for employees from all walks of life. We hire based on talent and we’re proud of our global perspective.