As a Threat Intelligence Researcher at IntSights, you will investigate the newest cyber events and threat actors. You will be exposed to the newest emerging cyber events and use the IntSights Platform and your own research skills to find pieces of information and connect the dots to establish timelines of attack, identify threat actors' interests and motivations, and track down the bad guys that pose a threat to our customers.
You will need a thorough understanding of the cyber threat landscape, from malware types and attack vectors, web hacking and testing, to technical understanding of hacker methods in order to replicate and mitigate them.
Your role will include summarizing your findings and creating reports for our customers and for media publication. For that you will need to be an independent, very thorough person who knows how to dig deep and leave no rock unturned, thus bringing the most accurate and complete intelligence picture and then depicting it in a sentence, a paragraph, or a ten-page paper.
What will you do?
- Track day-to-day emerging cyber events and identify those with the greatest impact on our customers.
- Receive client research requests and investigate them according to the time and scope defined. Use every tool at your disposal to get the information required and develop new ways to collect and find the necessary data.
- Analyze ongoing attacks to assess their origin, purpose, and impact on our customers.
- Track down threat actors across the clear, deep, and dark web. Engage with hackers to retrieve more intelligence and collect unique information which is not otherwise accessible.
- Support IntSights content marketing and PR efforts through various forms of research, from broad sector research (Finance, Retail, Healthcare etc.) to fast, real-time analysis of data breaches and emerging events.
- Contribute to the infosec community through papers, blogs, and presentations on new and innovative findings.
- Be a leading knowledge source in information security and cyber matters supporting other departments with your knowledge and expertise.
- At least 3 years of experience in the cyber security industry.
- Experience and understanding in cyber threat intelligence. Good knowledge of clear, deep and dark web forums and open source intelligence sources, sites, and tools.
- Experience in investigating threats, using OSINT, HUMINT, and other web research tools to investigate threat actors and their TTPs while providing context to threats. Reaching conclusions from incomplete or missing data.
- Technical know-how to extract threat data (IPs, domains, ports, malware, and malicious communications) from multiple sources to create reports on the threats you will face in your research.
- Familiarity with network defence technologies, cyber kill chain, MITRE ATT&CK framework, known cyber crime groups, APTs and their targeted sectors.
- Ability and desire to work across technologies and our different platform offerings.
- Experience with writing English papers and reports (from 3 to 20 pages) – big plus.
- Excellent Hebrew and English verbal and written skills. Extra languages – big plus.
- Former experience in a threat intelligence position.
- Former experience in writing marketing-oriented research papers, blogs or documents.
- Experience with obtaining, structuring, and analyzing databases and the tools required to do so.
- Experience in conducting independent research including downloading and installing OSs, tools, and infrastructure.
- Knowledge of web-oriented attacks, tools, and techniques.
- Ability to synthesize technical information and document it in an engaging manner through graphical and verbal depictions.
- A good familiarity with the cyber security research community.