- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Optional Telecommute
Volexity is on the hunt for an experienced Threat Intelligence Analyst to help expand its rapidly growing Threat Intelligence service.
You want to be one of the first to assist in investigating attackers behind some of the most exciting incidents in the industry, such as the SolarWinds supply chain attack or the recent Microsoft Exchange 0-days. You have experience in analyzing attacker infrastructure, tools, and investigating criminal and nation state actors.
You are looking for a job opportunity where you can:
- Expose the use of unknown vulnerabilities, tools, and tactics used by advanced threat groups.
- Help protect NGOs, activists, dissidents, human rights defenders, and other highly targeted groups.
- Work on investigations that you are personally invested in.
- Contribute to open-source projects, if desired.
- Be part of an industry-leading threat intelligence team.
- Have flexible work hours and a remote-friendly environment.
As a Senior Threat Intelligence Analyst, your responsibilities include:
- Identifying new and interesting threats leveraging proprietary, commercial, and open-source threat intelligence sources
- Building and maintaining methods for monitoring ongoing and emerging threat activity
- Triaging malware to identify its purpose and function, and further extract key information that can be used to defend networks
- Producing high-quality, written communication summarizing findings from investigations using succinct and clear language
- Working closely with incident response and network monitoring teams to improve detection and bolster response efforts by finding additional tools, malware, and infrastructure
- Playing a key part in managing and publishing threat data to customers
As a Senior Threat Intelligence Analyst, your expected skillset will include:
- Resourceful self-starter who is able to work both with a team, and independently when required
- Good understanding of network protocols
- Excellent knowledge of the current threat landscape and the TTPs of various threat actors
- Moderate or higher proficiency in Python, with ability to produce scripts to manipulate data or interact with API endpoints to retrieve desired data
- Introductory to moderate proficiency in Malware Analysis
- Strong experience in writing YARA and Suricata signatures; a successful candidate will be able to recognize the qualities of good signatures and creates solid signatures for both the YARA and Suricata formats
- High-quality written communication skills, with the ability to document findings for customers in long-form reporting
- Ability to quickly extract relevant threat intelligence from public reporting and apply that to various detection scenarios
Successful candidates for this role may demonstrate some of the following experience or skills:
- Writing detection logic for general systems, such as Carbon Black, Defender ATP, etc.
- Maltego expertise, both writing transforms and general manipulation of the tool
- Network analysis tools (Wireshark/Tshark, TCPDump, etc.)
- Basic web-development experience to assist in building and maintaining systems used to automate and manage threat intelligence data
- Prior experience working in a SOC or IR team responding to interesting attacks, with an understanding of what facets of signatures can lead to false positives and how to avoid these
In terms of working with others, Senior Threat Intelligence analysts will:
- Work with different organizations and or service providers to obtain actionable threat intelligence information
- Compile threat intelligence bulletins from multiple sources and report out to our valued customers
- Maintain a strong working relationship with government or relevant business entities in threat intelligence