Sr. Cyberthreat Analyst (OSINT)

HR TechX Corp.


Date: 17 hours ago
City: Pasay
Contract type: Full time
Specific Duties and Responsibilities:

  • Threat Lead Identification: Research new adversary tactics, techniques, and procedures (TTPs) using open sources (public information such as security vendor reporting, social media, code repositories); closed sources (dark web and underground forums); and proprietary sources.
  • Subject Matter: Threat leads should focus on team priority intelligence requirements (PIRs). Examples of such subject matter include malware developments, offensive security tools, vulnerability exploits, cloud security, and mobile security.
  • Key Detail Identification: During research, identify and take note of infection chains, host and network IoCs, malware samples, threat actors, and MITRE ATT&CK tactics and techniques.
  • Author Notes: Write TTP Instances detailing identified threat leads. TTP Instances include a combination of information from open-source reporting and your own analysis (i.e. code review, static malware analysis). TTP Instances are written and formatted to help our customers understand infection chains while also helping them prepare and validate their defenses.
  • Cadence: Write at least 2 TTP Instance notes daily
  • Quality: Authored TTP Instances should include minimal grammatical or syntax errors. Plagiarism is not acceptable.
  • Malware Analysis: Using sandbox environments and static analysis tools, analyze malware samples associated with threat leads.
  • Use Cases: Malware analysis is used to provide additional insight into an event, validate open-source reporting, uncover additional IoCs, and assist peers and customers in detection engineering.
  • Detection Engineering: Create malware or vulnerability detections (e.g. YARA, Sigma, Snort, Nuclei) that can be used for threat hunting, detection, and classification.
  • Cadence: Create at least 2 malware or vulnerability detections per month
  • Delivery: These detections may be uploaded to the Client Platform on their own, or accompanied by a TTP Instance.
  • Content Review: Review TTP Instances and Malware Detections created by your peers, checking for subject matter accuracy, correct IoC identification (no false positives), MITRE ATT&CK mapping, Diamond Model mapping, and proper grammar and formatting.
  • Content Publication: Upload reviewed TTP Instances to the Client Platform while ensuring proper entity and Diamond Model tagging.
  • Information Security: Adhere to and implement our organization's quality and information security policies and carry out its processes and procedures accordingly.
  • Protect client-supplied and generated-for-client information from unauthorized access, disclosure, modification, destruction, or interference (see also Table of Offenses)
  • Carry out tasks as assigned and aligned with particular processes or activities related to information security.
  • Report any potential or committed non-conformity, observation and/or security event or risks to immediate superior.


Qualification

Required Skills

  • Strong written communication in English
  • Demonstrable experience writing reports on technical subject matter (e.g. malware, vulnerability exploits, offensive security tools) in a clear, concise, and logical format
  • Demonstrable ability to create malware detections (e.g. YARA, Sigma, Snort) with no false positives
  • Disciplined time management
  • Flexibility when working with a global team in varying timezones Self-starting, self-motivated, and thrive in a collaborative environment Ability to receive and apply constructive feedback from peers and leadership


Minimum Qualifications

  • B.S. equivalent in computer science, information systems, or cyber intelligence Four (4) years of professional experience in the Cybersecurity or Threat Intelligence industry
  • Technical proficiency in Cyber Threat Intelligence and Threat Intelligence platforms
  • Experience working with open-source intelligence (OSINT) and/or large data sets
  • Experience working with sandboxes, virtual machines, or other malware analysis tools
  • Familiarity with the MITRE ATT&CK Framework, including the ability map reported activity to ATT&CK tactics and techniques
  • Familiarity with interpreting and mapping cyberattacks to the Diamond Model of Intrusion Analysis
  • Adeptness in cybersecurity and data protection


Preferred Qualifications

  • Proficiency in scripting or programming languages (PHP, C, C#, C++, Python, PowerShell, Go, JavaScript, Rust)
  • Experience creating vulnerability detections (e.g. Nuclei)


R

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Team Lead, Shpbd HR Strat&Svcs

Royal Caribbean Group, Pasay
18 hours ago
Position SummaryThis position reports to Mgr, Shipboard HR Strategy & Services. In this position, the TeamLeader is responsible to lead the team of Specialists and Recruiters who provide short-andlong-term work force recruiting and scheduling services. These services meet theoperational guidelines from the Manager and Fleet Operations Management and providethe workforce needs of the fleet.The team leader ensures that the team...

HR Delivery Officer l MOA / Midshift

MicroSourcing, Pasay
4 days ago
Discover your 100% YOU with MicroSourcing!Position: HR Delivery OfficerLocation: MOA, Pasay CityWork setup & shift: Onsite l MidshiftWhy join MicroSourcing?You'll HaveCompetitive Rewards: Enjoy above-market compensation, healthcare coverage on day one, plus one or more dependents, paid time-off with cash conversion, group life insurance, and performance bonusesA Collaborative Spirit: Contribute to a positive and engaging work environment by participating in company-sponsored...

Dispute Analyst, Project Management

Visa, Pasay
6 days ago
Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven...