Expoint - all jobs in one place

Dell Threat Intelligence Support Analyst 
United Kingdom, Scotland, City of Edinburgh 
415774151

27.06.2024

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Responsibilities

  • Leverage internal, commercial, and open-source tools and data sources to analyze, enrich and synthesize indicators of compromise and/or other intelligence artifacts to provide meaningful and actionable intelligence
  • Analyze raw data sets and extract relevant insight to form high quality TI responses
  • Perform proactive all-source research to identify and characterize new threats to the customer base and draft related TI products, where appropriate
  • Maintain a broad understanding and knowledge of the latest offensive and defensive Tactics, Techniques and Procedures (TTPs) as well as overall Threat Landscape trends
  • Collaborate internally and externally, and develop, enhance and produce Secureworks TI products
  • Own and execute ongoing projects such as customer threat landscape presentations
  • Identify intelligence collection gaps and communicate findings and collection requirements
  • Initiate, propose, and update processes and standard TI operating procedures for efficient and effective response to TI and IR RFIs
  • Take ownership of, triage, and update tracking systems for TI requests
  • Gather contextual information from multiple sources to establish a TI request course of action or respond to a standard request for information related to the TI-Support service line
  • Meet service level agreements regarding initial response time and customer notification as necessary
  • Provide internal stakeholders the necessary information for decision support and situational awareness on service request intake activities
  • Route RFIs to the proper service delivery team with the appropriate level of urgency and communication channel in a professional and courteous manner with an emphasis on


Knowledge, Skills and Abilities

- Understanding and experience with the intelligence analysis lifecycle, including but not limited to:

  • Conducting all-source intelligence research
  • Mining internal and external databases/repositories
  • Pivoting research focus on TI indicators of interest
  • Developing assessments with evidential basis
  • Translating findings into client responses and/or threat intelligence reports

- Fundamental knowledge in most of the following areas:

  • Familiarity with advanced search engine functionality and search query customization.
  • Unix, Linux, Windows, and OSX operating systems
  • Exploits, vulnerabilities, intrusion vectors, and malware
  • Host forensics, network forensics, and malware analysis techniques
  • Network traffic analysis, endpoint activity analysis, and log analysis techniques
  • Understanding of enterprise cyber incident management and response processes
  • Understanding of enterprise cybersecurity controls and failure modes

- Excellent technical communication skills (oral and written) including experience briefing executive management

- Excellent organization and resource management skills

- Excellent capability to prioritize multiple and concurrent urgent tasks

Desired Experience/Training:

  • Professional degree relevant to cybersecurity or intelligence analysis or equivalent work experience within a technical information security-related role such as Security Operations, Incident Response, or Threat Intelligence analysis
  • Relevant governmental, military, commercial training and experience in cybersecurity and other industry standard certifications are a plus
  • Professional certifications such as GCTI, GCIA, GCIH, GREM, CISSP, CISM, or similar cybersecurity technical certifications are a plus
  • DevOps methods and ITIL framework knowledge are a plus