Principal Threat Intelligence Consultant

JobtailorDeutschland
Gehalt: Von 90.000,00 € bis 130.000,00 €

Responsibilities

  • Operate as a technical resource within the Practice and actively participate in DFIR investigations to provide actionable intelligence.
  • Mentor junior analysts and provide leadership.
  • Effective engagement communication, time management, and collaboration with peers.
  • Author comprehensive engagement deliverables that are tailored to both technical and managerial audiences as well as fully detail the technical findings, recommendations, business impact, and realistic remediation strategies.
  • Foster client relationships by providing support, information, and guidance.
  • Utilize automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients.
  • Contribute to integration of existing and future open-source and commercial tools to help improve GRIT processes and procedures.
  • Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the information security industry.
  • Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company.
  • Perform other duties as assigned.

Requirements

  • Five (5+) years of experience performing Threat Intelligence analysis.
  • Five (7+) combined years of IT and information security experience.
  • Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes.
  • Prior experience in a Consulting Services role.
  • Experience implementing or improving operational processes or procedures in the intelligence analysis lifecycle.
  • Proficiency hunting APT data using open source or commercial cyber threat analytic tools or data repositories such as VirusTotal, Passive Total, Threat Miner, or Maltego.
  • Core capabilities include:
  • Network traffic analysis
  • Host forensics
  • Malware handling / triage
  • Log review
  • Experience with a variety of industry-related solutions including EDR, SIEM, NDR, FW, NGAV, Velociraptor, OSQuery, and others.
  • Strong ability to correlate data and research using open source repositories (ex. VirusTotal, Domaintools, Threatminer, etc.)
  • Intermediate ability to present technical information and analysis to audiences up to 50 persons on a quarterly basis.
  • Ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity.
  • Ability to make confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware and system analysis. Candidate must be able to identify analytic bias.
  • Experience with common programming languages including PowerShell, Python, BASH, Go, or others.
  • Experience with cloud technologies for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure.
  • Awareness of attacker techniques, advanced threat groups, and integration of intelligence into an investigation.
  • Other relevant industry certifications, such as but not limited to GCIA, GCIH, GDAT, GCFE, and GFCA.

ATS Optimization Keywords

Hard Skills

  • Threat Intelligence analysis
  • Network traffic analysis
  • Host forensics
  • Malware handling
  • Log review
  • Programming languages
  • Automation
  • Orchestration
  • Scripting
  • Operational processes

Soft Skills

  • Mentoring
  • Leadership
  • Effective communication
  • Time management
  • Collaboration
  • Client relationship management
  • Adaptability
  • Desire to learn
  • Problem-solving
  • Presentation skills

Certifications & Qualifications

  • GCIA
  • GCIH
  • GDAT
  • GCFE
  • GFCA

Industry Keywords

  • DFIR investigations
  • Cyber threat analysis
  • APT data hunting
  • Intelligence analysis lifecycle
  • Emerging technologies
  • Attacker techniques
  • Advanced threat groups
  • Integration of intelligence
  • Confidence-based assessments
  • Analytic bias

Tools & Technologies

  • VirusTotal
  • Passive Total
  • Threat Miner
  • Maltego
  • EDR
  • SIEM
  • NDR
  • FW
  • NGAV
  • Amazon Web Services
#J-18808-Ljbffr