Cyber Threat Intelligence Analyst
ReliaQuest
IT
Tampa, FL, USA
Posted on Thursday, April 18, 2024
Why it’s worth it:
Are you interested in producing operational and strategic intelligence products that draw on primary-source information to provide actionable insights into adversary tactics and techniques, malware, and threat campaigns? Joining ReliaQuest’s Cyber Threat Intelligence team, you will be an integral part of intelligence operations. This is a great opportunity to put your Security Operations skills to use while conducting cutting-edge threat research, seeking and interpreting restricted intelligence, and delivering intelligence products to a varied audience. If you have a keen interest in broadening your skills, knowledge, and experience within an intelligence environment, this role might be for you.
The everyday hustle:
Conduct investigations into credible threats including telemetry-focused investigations to map threat campaigns and reveal threat actor TTPs to inform detection and response decision making
Analyse novel or evolving threats to inform detection research and threat hunting activity
Write timely, accurate, and relevant actionable intelligence deliverables in a variety of formats—including short, fast-turnaround updates and longer-form reports—covering credible threats such as actors, vulnerabilities, and malware
Research, write, contribute to, and coordinate external-facing papers, blogs, webinars, and podcasts
Propose and carry out extended research projects to gather actionable intelligence on the cyber threat landscape
Follow trends, dynamics, and developments in the cyber threat landscape
Identify new threat actors or locations and assess their credibility, motivations, and threat level
Conduct investigations to support customer Requests for Intelligence (RFIs) and produce written deliverables according to agreed parameters
Liaise with other teams within the Threat Research umbrella to deliver primary-source intelligence to enrich internal telemetry efforts investigating credible threats
Support Threat Research Team Leadership in ensuring team goals are met
Meet deadlines and achieve expectations
Do you have what it takes?
Credible experience of working in cyber security and/or cyber threat intelligence with a focus on Security Operations, Digital Forensics and Incident Response (DFIR)
Hands on experience of raw telemetry investigations, and working with Endpoint Detection and Response (EDR) tools
Existing knowledge of or deep interest in cyber security
Experience working in online intelligence investigations and analysis, including good OSINT skills
Demonstrates a sense of urgency, understands customer needs (internal and external), and is solution-focused
Strong analytical skills and a demonstrated writing ability
Understands channels of communication, delivery of information, tone, and attitude in messaging; has an awareness of cultural differences, inclusiveness, and communication barriers
Can adapt to a fast-moving environment to deliver high-quality intelligence content in a short timeframe
Comfortable working in cross-functional intelligence teams across different time zones
A relevant university degree (e.g., Computer Science, Cybersecurity, Languages, International Relations, Political Science), equivalent education, or appropriate professional experience
What makes you uncommon?
Experience of tactical investigations into threat actor TTPs, malware, and vulnerabilities
Good understanding of the cyber threat landscape, including threat actor attack methodologies, security postures, and appropriate analytical frameworks (including Cyber Kill Chain, Diamond Model, MITRE ATT&CK)
Skills in an unusual language e.g., Farsi, Arabic, Turkish (able to read and write)
Experience of non-standard Mandarin-language vocabulary, e.g., slang and technical jargon
Familiarity with open, deep, and dark web cybercriminal marketplaces and forums
Experience of online HUMINT operations and/or social engineering techniques
A comfortable public speaker, confident to share ideas and insights both internally and externally
Awareness of a wide variety of security technologies (e.g., SIEM, EDR)
Technical understanding/skills, particularly of cyber security offensive and defensive practices
Knowledge of cyber threat actors and adversary tactics, techniques, and procedures (TTPs)
Familiarity with structured analytic techniques for intelligence analysis
