Expoint - all jobs in one place


Nokia Threat Intelligence/Threat Hunting Security Professional 
Portugal 
465638229

12.07.2024

The team you'll be part of

(CDC) is looking for a Threat Intelligence and Threat Hunting Security Professional taking up responsibilities in the CDC Engineering and Threat Hunting Team.


What you will learn and contribute to

In the remainder of this document, the profile we’re looking for will be referenced as ‘TI & TH-professional’.

The TI & TH-professional is capable of addressing the challenges regarding the management of Threat Intelligence information (aka TI info), i.e. establishing effective lifecycle management and incrementally improving the value add of the available threat intel through the (auto-)enrichment of security event data. The activities in scope of the TI activities include (non-exhaustive view):

- Identification of relevant TI-feeds in support of stakeholders' needs

- Support (auto-)enrichment of event information through the ingestion of TI information in our TI platform (MISP)

- Support the establishment of an effective TI reporting mechanism

- Look for options to improve the ‘value add’ of the available intel

The ‘TI & TH-professional’ will actively support the execution of defined hunts and diligently carry out the full lifecycle, i.e. from hypothesis definition up to documenting findings and sharing the insights with stakeholders. The activities in scope include (non-exhaustive view):

· Digest the information made available through the TI- and TM-activities

· Propose topics for new hunts, considering the priorities associated with specific TTPs

· Prepare the execution of hunts, including a validation whether the prerequisites to successfully execute a hunt are met

· Execute the hunt, in line with the agreed restrictions (i.e. time, scope, effort)

· Consolidate findings and involve relevant stakeholders to discuss them; in the event security gaps are found, ensure that the right steps are taken to get these gaps (eventually) resolved

· Upon concluding the hunt, document findings and, when relevant, suggest improvements for future hunts

Gradually, the focus will shift towards including the outcome of ‘Threat Modelling’-activities, as an effective ‘Threat Hunting’-capability heavily depends on having access to relevant and well-maintained threat models.

Your skills and experience

In the overview below, a series of requirements or expectations are listed. This overview is not to be considered as a need-to-have for all but, in the case a particular expectation cannot be met, it is expected that the applicant is aspiring to (eventually) fulfill the expectation.

  • BSc or MSc (preferred) degree in computer science or related technical field
  • Have 5+ years of experience in cyber security (or equivalent by education and/or interest)
  • Having practical/hands-on experience in ‘Threat Intelligence’ in the context of ‘Information Security’ is a plus; if not present at the time of applying for this position, commit to work towards mastering the topic in the short to mid term
  • Having experience as an analyst in a SOC is considered a plus
  • Having a security certification is considered a plus (e.g. CEH, CHFI); if not in place at the moment of applying for this position, be willing to obtain a certification in due time
  • Understand the activities in support of Threat Hunting and be able to demonstrate it
  • Terms such as CIA, SIEM, SOC, TTPs and MITRE ATT&CK are no secret to you and you’re able to demonstrate an active understanding of them
  • Be familiar with the approach taken to define SIEM detection rules and, when relevant, be able to translate hunt findings into improvements to existing detection rules or propose new rules
  • Be able to work in a standalone way with a minimum of guidance and oversight – in case assignments are not clear, the applicant is expected to make this known to the peers or team lead and drive it towards a resolution
  • Knowledge of scripting and programming languages is a plus (e.g. Python, PowerShell)
  • Show eagerness in getting to ‘the bottom’ of a given hunt
  • Be fluent in English (oral and written)

Nokia has received the following recognitions for its commitment to inclusion & equality:

  • One of the World’s Most Ethical Companies by Ethisphere
  • Gender-Equality Index by Bloomberg
  • Workplace Pride Global Benchmark

Join us and be part of a company where you will feel included and empowered to succeed.
Job Info
  • Job Category: Information Technology
  • Posting Date: 07/08/2024, 02:58 PM
  • Locations: Estrada Casal Canas, Amadora, 2720-092, PT (Hybrid)
  • Degree Level: Master's Degree
  • Job Schedule: Full time
  • Role Type: Individual contributor
  • Job Identification
