Cyber Threat Intelligence Analyst

DamoTech is looking for a Cyber Threat Intelligence Analyst to support and inform our hunt, marketing and sales teams with actionable intelligence and reports detailing network-based threats.

To be successful in this role, you must be able to:

  • Generate quality written reports for sales and marketing teams that contextualize emerging trends and how they relate to network behavioral analytic detections
  • Provide verbal consultation on sophisticated network-based emerging threats to sales and marketing teams as well as executive leadership
  • Validate that public responses to emerging threats are technically accurate and referenced appropriately
  • Work with Threat Analysis researchers and write public blog posts or other written/visual content based on novel research findings
  • Process and analyze large datasets to identify phishing/malware trends
  • Actively collaborate with other Threat Analysis team members to identify and design new areas for intelligence collection and storage
  • Provide rich security analysis in order to produce behavioral detection capabilities over network data
  • Collaborate with internal and external Cyber Operations as threats are discovered, with intelligence contextualized to TTPs, to support the triage and incident processes
  • Perform penetration tests

Minimum requirements:

  • BS in Cybersecurity/Intelligence Studies/Computer Science or another relevant degree, or at least 5 years of comparable industry experience
  • At least 3 years of experience working in Cyber Threat Intelligence or a similar field
  • Strong understanding of TCP/IP and common network protocols
  • Strong understanding of network threats and network-based TTPs
  • Excellent writing and presentation skills
  • Ability to communicate complex technical concepts at a basic level
  • Experience with threat intelligence platforms (OpenCTI, Falcon X, AlienVault USM, ThreatStream, etc.)
  • Basic scripting capabilities (Python/Bash)
  • Basic knowledge of cloud environments and how to access/navigate them
  • Experience with PCAP analysis
  • Knowledge of Suricata or other equivalent IDS tools
  • Ability to work in a remote environment and with a geographically dispersed team
  • Ability to perform penetration tests

Certifications like OSCP, GIAC or similar are a big plus.

Knowledge of Satellite and Space Industry Threats is an asset.