About the Role:
- Lead topics and projects, ensuring that the intelligence capabilities being planned, built, and handed over are timely and relevant to the ever-changing threat landscape.
- Provide governance oversight to ensure our partners deliver quality work, and develop, maintain, and periodically validate the cyber threat intelligence SOPs and runbooks.
- Work with our partners to drive process and documentation improvement in threat intelligence, triage and escalation procedures.
- Collect information and conduct analysis to develop intelligence and continuously mature the "indication and warning" capability.
- Enrich intelligence with contextual information and produce finished intelligence to define strategic threat intel products, within a pre-defined timeframe (yearly, half-yearly, etc.), for key stakeholders' consumption.
- Correlate intelligence to develop a deeper understanding of tracked threat activity and influence investments in protection and detection controls (i.e. delivering business justification for new use-cases).
- Be part of a wider team and support threat hunting duties.
- Regularly collaborate with CDC, DFIR and other supporting functions to respond to incidents and aid in investigations.
- Maintain strategic relationships with local and federal government agencies as well as industry organizations to establish information sharing capabilities.
We are looking for team members with an exceptional track record of delivering security to a range of business types and sizes. You'll bring the following:
- Minimum 8+ years of experience within an intelligence function.
- 3 to 5 years of team lead experience for cyber security teams (preferred).
- Working together with the manager, be willing to coach and/or mentor junior analysts joining the team.
- Excellent writing and presentation skills to communicate findings and recommendations to different audiences and stakeholders.
- Experience conducting intelligence investigations and familiarity with investigative tools.
- Experience in establishing and maintaining the intelligence lifecycle.
- Proven track record with MITRE ATT&CK, Cyber Kill Chain and Diamond Model, and ability to develop threat models based on these frameworks.
- Experience in the use of cyber security products such as threat intelligence platforms, cloud security, endpoint security and open-source products such as Shodan, VirusTotal, etc.
Company Reg. No.: 201131609D | Licence No.: 11C4684 | EA Reg No.: R 1440978