Threat Intelligence Lead detects, reports and proposes measures to mitigate cyber threats.
Threat intelligence lead is responsible for implementing threat intelligence platform
Responsible to collect data and information about different sources, both open and private
Responsible to investigate specific cyber threats and assess potential threats
Conduct malware analysis and provide indicators for defensive measures
Responsible for Deploying and configuring Phishing
5 -7 years of experience in IT/IT Security
5 years of experience in operating SIEM product Knowledge of DDoS techniques and mitigation mechanism.
Knowledge of Windows and/or Unix-based systems/architectures and related security.
Excellent knowledge of LAN/WAN technologies
Strong understanding of cloud technologies and related security best practices.
Experience handling security incidents in cloud infrastructure.
Must have a solid understanding of information technology and information security.
Relevant Security related certifications a plus: GCIA, GCIH, GCED, GCFA, GREM, OCSP
Ensuring threat management, threat modelling, identify threat vectors and develop use cases for security monitoring
Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
Act as focal point for any investigations involving security; to prepare reports and note follow up action.
Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date
Coordinate with IT teams on escalations, tracking, performance issues, and outages
Key Skills/Knowledge
Must have an in-depth understanding of the concepts and threat forces
Good working knowledge of advanced threat analysis technology in subjects such as computer science, and other is an added advantage
Strong Knowledge of: Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM)
Knowledgeable in SOC advancements such as EDR, SOAR and malware analysis
Thorough knowledge of SIEM technologies, like Google chronicle, Splunk ES or Qradar, patching and version upgrades
In-depth familiarity with security policies based on industry standards and best practices
Experience required
Experience in Malware analysis, implementation of any threat intel platform
Solid experience in identifying potential threats and analysing the security alert
Proven experience in threat modelling
Demonstrated experience in handling cyber security incidents in enterprise-level incident response team or security operations center.
Strong working knowledge of security tools such as SIEM, Anti-Virus, Web Application Firewall, Intrusion Detection System/ Intrusion Prevention System NetFlow, Network Packet Analyzer and Endpoint Detection & Response tools.
Proven subject matter expertise in relevant areas, such as Threat intelligence, malware analysis or security engineering.
Solid understanding of TCP/IP and inter-networking technology including packet analysis, routing and switching.
Strong technical knowledge of operating systems, network services and applications.
A keen understanding of security logging components and capabilities of operating system and application.
Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executive
