Cyber Threat & Intelligence Job Description
Cyber threat & intelligence
provides expertise to build threat intelligence processes such as setting intelligence gathering priorities based on identified threats, acquiring actionable threat intelligence from public and subscription services, analyzing the results of intelligence activities, and briefing security managers responsible for acting upon such intelligence.
Cyber Threat & Intelligence Duties & Responsibilities
To write an effective cyber threat & intelligence job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber threat & intelligence job description templates that you can modify and use.
Sample responsibilities for this position include:
Detect and analyze cyber threat activity for the identification of advanced persistent threats and malware in real-time
Capable of performing basic static and dynamic malware analysis
Assist in the development of Standard Operating Procedures (SOP) for the identification and investigation of malware activity on the network
Candidate is expected to work closely with team members, management, and other IT teams (Workstation, Network, Server)
Provide enterprise threat analysis (assessment) by reviewing potential and current threats based upon a defined and repeatable threat and vulnerability analysis methodology
Provide actionable intelligence for enterprise risk reduction and remediation by partnering with key groups in identifying and driving risk remediation approaches to current and emerging threats
Provide enterprise risk and threat communication efforts to key groups and the enterprise regarding potential threats and remediation efforts - including the ability to develop write-ups that provide effective analysis and actionable intelligence based on relevant security events
Provide rotating 24x7 On-Call Support Coverage
Provide 3rd Level Incident Response by providing escalation services to key support areas in the evaluation of potential threats, security investigations, remediation efforts and related tool sets, including CSIRT (Computer Security Incident Response Team) participation as needed
Develop and maintain relationships with related vendors which provide informational sources for risks, threats and controls
Cyber Threat & Intelligence Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cyber Threat & Intelligence
List any licenses or certifications required by the position: CEH, CISSP, SANS, GIAC, GCTI, GSEC, CSSP, CISM, CREST, GCIH
Education for Cyber Threat & Intelligence
Typically a job would require a certain level of education.
Employers hiring for the cyber threat & intelligence job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Intelligence, Computer Engineering, Information Technology, Cyber Security, Education, Engineering, Technical, Information Security, International Relations
Skills for Cyber Threat & Intelligence
Desired skills for cyber threat & intelligence include:
Networking
Foundational threat intelligence analysis frameworks
Detect
Respond security operations
Standard monitor
Malware
Monitoring
Contrarian
Imaginative analytic techniques
Linguistic
Desired experience for cyber threat & intelligence includes:
Interest in working in a large, mission-critical environment
Basic understanding of national and international cyber security issues
Degree from an accredited college or university (or equivalent)
Collecting intelligence information related to threat scenarios and targeted assets, in addition to any emerging threat scenarios which the threat model would need to consider, by leveraging existing intelligence sources in the form of existing external Cyber Threat Intelligence feeds, internal sources such as SOC situation awareness outputs and Vulnerability Management programs
Experience conducting threat research that is relevant to financial services industry and providing threat intelligence that is specific to the financial industry
Qualifications within the IT Security field desirable though not essential
Cyber Threat & Intelligence Examples
1
Cyber Threat & Intelligence Job Description
Job Description Example
Our company is growing rapidly and is hiring for a cyber threat & intelligence. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for cyber threat & intelligence
- Using many online tools to enrich and contextualize to raw data
- Participating in many online communities and engage them
- Creating reports for internal use or customers
- Providing support to SOC and CSIRT teams during investigation thanks to your knowledge of the cyber threat landscape
- Assess each event based on factual information and wider contextual information available
- Produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of vendor feeds, and open source reporting
- Actively research emerging cyber threats
- Adapt well to changing demands and ambiguous situation
- Have excellent interpersonal and collaborative skills
- Management Program
Qualifications for cyber threat & intelligence
- 3-5 experience with Visio, Power Point and Excel
- 1-3 years of experience in data mining and geopolitical analysis
- Preferrably 1-3 years of experience specific to global cyber threats
- Maintains current knowledge related to threats
- Firm grasp of fundamental concepts related to managing and securing systems
- Work with formal and informal industry information sharing groups
2
Cyber Threat & Intelligence Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of cyber threat & intelligence. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for cyber threat & intelligence
- Maintain a working knowledge of the broad cyber threat and geopolitical landscape
- Provides expertise to build threat intelligence processes such as setting intelligence gathering priorities based on identified threats, acquiring actionable threat intelligence from public and subscription services, analyzing the results of intelligence activities, and briefing security managers responsible for acting upon such intelligence
- Exhibits technical leadership abilities and mentors junior employees in the security function
- Responsible for identifying quality information sources, cross-referencing and correlating information from various sources and systems, disciplined tracking of threat actors, targets, and profiles, escalating and predicting threats, and summarizing threat activity in reports to management
- Provide expertise for developing and implementing the company’s cyber threat capability, federated across multiple operational units
- Monitor open source intelligence, daily email feeds, sensor intelligence sources, and other threat intelligence products in order to continually assess Shire’s defensive posture
- Attend team meetings and provide updates on action items, as needed
- Support Shire’s intelligence collection objectives by continually assessing collection priorities and detective measures
- System lifecycle planning for new and existing systems
- Fault tolerant system design
Qualifications for cyber threat & intelligence
- Excellent project management skills, ability to work in a fast-paced and hectic work environment, ability to prioritize tasks effectively
- Ability to coach, mentor and train analyst staff in cyber threat intelligence analytic methods, including effective writing, research, communications, critical thinking
- Bachelor’s degree AND at least 5 years of experience in security and/or intelligence specific profession with leadership responsibility OR a high school diploma (or equivalent) AND 7 years of experience in a security and/or intelligence specific profession with leadership responsibility
- Experience with incident response and digital forensics or cyber security operations preferred
- Established personas and credibility within attacker forums a plus
- French, Italian, German, Japanese, Russian or Chinese language capabilities a plus
3
Cyber Threat & Intelligence Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of cyber threat & intelligence. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for cyber threat & intelligence
- Understanding of common network infrastructure and the ability to communicate the impact resulting from system dependencies
- Planning for vulnerabilities in systems by providing risk assessments and mitigating controls
- Performing unit testing and system integration testing of newly-developed functionality
- Design, develop, test and implementation of workflow applications
- Development and deployment of automated intelligence ingestion with scripting and API integration
- Correlate internal data sets with external sources to enrich intelligence
- Identify opportunities for automation and implement solutions to increase efficiency
- Interact daily with key staff members to generate technology requirements, use cases, and understand business imperatives
- Document analytic tradecraft and methodology
- Collaborate on workflow to feed lessons learned into SOC and DFIR Intel teams to enhance detection capability
Qualifications for cyber threat & intelligence
- Must be available to work on-call or off hours as needed to respond to an incident
- Bachelor’s degree in information technology or relevant field
- Experience developing threat indicators to be used for data protection signatures with IPS systems
- Certification in forensics disciplines
- Bachelor’s degree in MIS, Computer Science, Eng
- Superior relationship management, facilitation, project management, and problem solving skills
4
Cyber Threat & Intelligence Job Description
Job Description Example
Our growing company is looking to fill the role of cyber threat & intelligence. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for cyber threat & intelligence
- Develops program metrics and reporting frameworks, compiles and analyzes data for accurately timely reporting of response, project and milestone activity
- Develop and maintain key cross-functional relationships with Security Research, Physical Security, Product Security, IT, Legal, and other critical business unit areas
- Participate in and assist in development of tabletop Incident Response exercises
- Provides leadership, influence, vision and direction to the organization to contribute to achieving the companies goals
- Works with IT leaders to develop overall IT strategy in alignment with business strategy
- Supports and fosters innovative technologies to deliver new ideas that enable business transformation
- Oversees development of processes and tools to automate code releases from development to operations (DevOps)
- Establishes and drives technology roadmaps that align with current and future business needs
- Ensures technology processes are conducted in line with applicable standards and company policies
- Provide on-site support to both Washington, D.C
Qualifications for cyber threat & intelligence
- Strong ability to coach and mentor less experienced team members
- Must have a solid understanding of cyber security threats, risks, vulnerabilities, and attacks
- Experience of Threat Intelligence, Information Security, and a solid IT background
- Detailed knowledge of the Cyber Security domain, including the Tools, Techniques and Procedures used by attackers and the mitigations to defend against these
- Knowledge and experience of Security Operations Centre, and Vulnerability Management operations and activities
- Be a resilient and highly motivated entrepreneurial self-starter who can identify opportunities, actively pursue them, and who relishes a challenge
5
Cyber Threat & Intelligence Job Description
Job Description Example
Our company is growing rapidly and is hiring for a cyber threat & intelligence. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for cyber threat & intelligence
- You will establish and operate processes necessary to collect, analyses, prioritize and disseminate current all-source intelligence product in support of JSOC priorities
- Your team will provide timely and prioritized intelligence support into the JSOC detection lifecycle and incident response processes
- Use your interpersonal skills to develop and maintain key cross-functional relationships with Security Research, Physical Security, Product Security, IT, Legal, and other critical business unit areas
- You and your team will ensure the JSOC is able to respond appropriately to both commonly used and specific adversary TTPs through the development and participation in table-top and adversary simulation exercises
- You will collaborate with stakeholders to drive a deep understanding of significant threats
- You will work with Risk Management teams to escalate risk and create mitigation plans
- You will develop and maintain key multi-functional relationships with Security Research, Physical Security, Product Security, IT, Legal, and other critical business unit areas
- You will document analytic tradecraft and methodology
- You will collaborate on workflow to foster lessons learned into SOC and DFIR Intel teams to enhance detection capability
- You will take new indicators from SOC and DFIR teams and create feedback loop to educate SOC/DFIR analysts
Qualifications for cyber threat & intelligence
- Tracking cyber threat actors and their infrastructure, targeted attack techniques, tactics, and procedures
- Lead and take action on a diverse range of technical and threat information, conduct deep-dive analysis to draw out trend analysis and context, drawing relevant conclusions and assessment
- A detailed understanding of the current developing crime-ware and security landscape Espionage, Crime and Hacktivism
- Scripting in languages such as Python, Perl, Powershell and a deep understanding of command line across Linux, Unix, OSX, Windows
- A motivated, self-managed, individual who can demonstrate above average analytical skills and work with peers and customers
- Initiate, organize and conduct data collection and research using all the tools and applications proactive open source information