WHAT YOU’LL DO
- Track cyber threat activity targeting cloud environments
- Build and maintain profiles of state-sponsored or financially motivated cyber threat actors
- Track private and public threat intelligence feeds and sources
- Investigate threats to customer environments based on analysis of product telemetry
- Correlate and cross-reference intelligence from multiple sources to build a deeper understanding of threat activity
- Work with the product and sales teams to provide security insights to customers and support decision-makers
- Operationalize your knowledge to help build detections for emerging threats
- Produce various forms of analytic reports describing threat activity and security incidents impacting customer environments
- Share your insights about the cloud threat landscape with the wider security community
WHAT YOU’LL BRING
- 5+ years of experience in cyber security analysis or threat analysis
- Understanding of core cybersecurity topics related to OS, networking, or cloud
- Strong grasp of threat intelligence frameworks and tools, as well as cyber-attack lifecycles
- Strong familiarity with state-sponsored and/or cybercrime threat actors
- Proficiency in log analysis (KQL, Splunk, Elasticsearch, or similar)
- Proficiency with scripting languages (Python, Rego, R, MATLAB or similar)
- Writing skills
- Application of analytic techniques to complex problems
- An independent self-learner
- Good communication and teamwork skills
ADVANTAGE
- Experience with threat detection rule formats (YARA, SIGMA, Snort, etc.)
- Data analysis experience (SQL)