Listing Description
Job Description
Mandiant Threat Intelligence’s On-Demand Intelligence Access service, supported by the Custom Intelligence, Synthesis, and Reporting (CISR) Team, provides Mandiant customers with the ability to have our expert analyst team develop succinct, tailored deliverables answering the customer’s information needs and intelligence requirements. In support of this service, this role involves research, analysis, and writing short and long analytic reports in response to customer requirements.
Well-suited candidates are cyber threat intelligence generalists capable of responding to a wide range of questions related to cyber espionage, cyber crime, hacktivism, information operations, vulnerabilities, and/or enterprise cyber security questions. They will perform strategic, tactical, and operational research and analysis of adversarial cyber threats to provide timely, actionable, clear, and concise intelligence products to customers.
· Work with customers to determine their intelligence needs and requirements and to identify the most effective methods for fulfilling these unique requirements
· Use knowledge, creativity, and analytic tradecraft best practices to generate solutions to complex problems where analysis of situations or data requires an evaluation of intangible variables under conditions of uncertainty
· Correlate intelligence to develop a deeper understanding of tracked threat activity
· Produce custom analytic products (written products, briefings, and graphics) for customers and internal teams based on conclusions and judgments derived from Mandiant data sources and independent research
· Work independently to meet tight deadlines
· Work closely with the other Mandiant teams to contribute to intelligence products, collection processes, and the data model
· Collaborate across the organization to stay up-to-date on cyber developments, Mandiant analytic stances, and previous Mandiant reports and briefings
· Provide some level of off-hours support for customer requests on a rotating basis
· Maintain confidentiality and ethics within the framework of the engagement
· Apply basic threat hunting techniques to pivot from given information to known attack patterns, malicious code families, tracked threat groups, and other historical information
· Pivot through open-source and internal frameworks for related data associated with potentially malicious IOCs, such as:
o IP addresses
o URLs
o Domains
o Hashes
Qualifications
· Strong communication skills and the ability to build a compelling and effective analytic narrative
· 2+ years of experience in an analytical or operational role (e.g. intelligence, threat analysis, security consulting)
· 1+ years of practical experience analyzing cyber threats and an understanding of technical and cyber security concepts
· A functional understanding of:
o core cybersecurity concepts and risk management frameworks
o common enterprise IT infrastructure components
o operating system internals
o file systems and binaries
o networking
· Familiar with the following areas and associated tools: intrusion operations, enterprise security controls, email analysis, log analysis, network flow and traffic analysis, malware triage, incident response processes, cyber attack lifecycles and models
· Ability to express complex technical and non-technical concepts verbally, graphically, and in writing for generalist and specialist audiences
· Demonstrated success applying research methods and analytic techniques to independently address complex analytic problems
· Experience utilizing open source tools for analysis
· Ability to work as part of a fast-paced, distributed virtual production team with limited supervision and under tight deadlines
· Ability to participate and provide input during business-critical situations
· Strong interpersonal skills with a customer-oriented attitude
Desired Additional Qualifications
· Familiar with programming in Python
· Foreign language skills
· Project and task management skills
· Experience providing briefings
· Certifications from accredited institutions such as SANS and/or Offensive Security are desirable, such as:
o GIAC Reverse Engineer (GREM), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA)
o Offensive Security Certified Professional (OSCP)
o Certified Information Systems Security Professional (CISSP)
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute