At the heart of our defense against cyber threats lies the Security Operations Center (SOC). The SOC is composed of several specialized teams, each playing a crucial role in protecting our organization:
Cyber Threat Intelligence (CTI) gathers data on potential threats, contextualizes it within the company, and delivers actionable insights to support decision-making and trigger new alerts.
Use Case Design ensures that our infrastructure is equipped with the right triggers to detect potential threats.
Security Analysts (T1/T2/T3) investigate alerts when they are triggered.
Cyber Security Incident Response Team (CSIRT) coordinates the response when alerts escalate into full-scale incidents.
We are currently looking for a Cyber Threat Intelligence Analyst to join our SOC.
The CTI team supports not only the SOC but also a wide range of stakeholders across the organization, each relying on CTI insights for their specific domains.
Key Challenges for CTI in the Short to Medium Term:
Expanding services to existing stakeholders
Establishing service delivery for new stakeholders
Your Role as a Cyber Threat Intelligence Analyst
As a Security Threat Intelligence Analyst, you will provide intelligence on threats and threat actors, assess the risks they pose to our IT environment, and recommend enhancements to our security controls.
You will:
Conduct research on emerging threats relevant to the company
Identify and classify threat actors and campaigns
Prepare and present CTI reports to the company's Cybersecurity community
Understand the company's critical IT assets and security controls
Collaborate on threat hunting and use case development
Analyze adversary tactics and identify gaps in our defenses
Recommend improvements to our security architecture
Review and interpret external threat intelligence sources and reports
Suggest enhancements to detection use cases based on internal and external insights
Key Competencies for Success
Strong knowledge of threat impact assessment techniques
Experience supporting use case design and correlation rule development
Familiarity with log management and SIEM tools
Proficiency with commercial and open-source security tools (e.g., EPP, EDR, SIEM)
Skilled in log analysis using regular expressions and natural language queries
Understanding of network traffic analysis and packet capture
Solid grasp of encryption and cryptography
Familiarity with frameworks like MITRE ATT&CK, Kill Chain, or the Diamond Model is a strong plus
Your Ideal Profile
Passionate about cyber security
Strong understanding of the company's IT infrastructure
Skilled at building partnerships with new stakeholders
Excellent at researching and synthesizing information
Able to communicate clearly and effectively to diverse audiences