Expoint - all jobs in one place


Microsoft Threat Intelligence Analyst 
Ireland, Dublin 
143141503

16.07.2024
Qualifications
  • Experience producing actionable threat intelligence on targeted and advanced persistent threats that enables network and host defences in external organizations, with demonstrable impact
  • Expertise in tracking APT adversaries using the Diamond Model to identify and characterize their TTPs, capabilities, infrastructure, and operational campaigns
  • Experience in actor tracking, investigation, threat intelligence, or SOC work
  • A good understanding of how the internet works: the relevant network protocols (HTTP, TLS, TCP/IP, UDP, DNS, etc.) and OAuth

Familiarity with at least one of the following:

  • Cloud intrusion analysis of adversary operations
  • Analysing sophisticated malware samples used in targeted attacks against large corporate or government entities
  • Analysing host forensic and log data associated with advanced targeted adversaries

The ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:


- This position will be required to pass the Microsoft background check and the Microsoft Cloud background check upon hire/transfer, and every two years thereafter.

Responsibilities
  • Perform daily actor tracking, for nation-state actors or e-crime groups
  • Define, develop, and implement techniques to discover and track current adversaries and to identify the attacks of tomorrow
  • Write Kusto Query Language (KQL) queries for Azure Data Explorer to search telemetry
  • Write Storm queries for Vertex Project's Synapse to search telemetry
  • Threat intelligence content production: write up findings clearly and unambiguously so that peers can follow the investigation and understand how and why each conclusion was reached
  • Work with engineers, developers and data scientists to build more complex systems that meet analysts' needs