Key Accountabilities:
Threat Intelligence Analysis:
• Identify, track, and document threat actors; document and report on their TTPs, IOCs, and infrastructure.
• Monitor and analyse command-and-control (C2) infrastructure, tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and malicious domains.
• Map observed threat activity to known frameworks (e.g., MITRE ATT&CK) and produce structured intelligence using formats such as STIX/TAXII.
Support:
• Provide Threat Intelligence research and contextual analysis to support Digital Forensics and Incident Response (DFIR) and Security Operations (SOC) teams.
• Combine technical investigations with geopolitical and regional context to deliver comprehensive, context-rich assessments.
• Respond to internal and external Requests for Information (RFI), offering timely, actionable intelligence.
Collaboration and Information Sharing:
• Partner with internal teams, external partners, industry peers, and intelligence-sharing communities to enhance the organisation's threat landscape awareness.
• Engage in information-sharing forums and maintain current knowledge of emerging threats, vulnerabilities, and threat actor trends.
Tool Management:
• Manage and optimise threat intelligence platforms, sources, and feeds to improve analysis efficiency.
• Evaluate and recommend new tools or platforms to strengthen the Threat Intelligence function's capabilities.
Functional and Technical Skills:
• Experience in Threat Intelligence analysis, ideally with experience in APT research, C2 tracking, and emerging geopolitical threats.
• Strong understanding of networking protocols (e.g., TCP/IP, DNS).
• Familiarity with the Cyber Threat Intelligence lifecycle and frameworks such as MITRE ATT&CK and the use of STIX/TAXII.
• Understanding of offensive security reconnaissance and attacker methodologies.
• Experience assisting or interfacing with DFIR, IR, and SOC teams.
Qualifications (desired but not required):
• Certifications such as SANS FOR578 (Cyber Threat Intelligence) or CREST Threat Intelligence Analyst (CRTIA).
• Exposure to geopolitical risk analysis and its impact on the threat landscape.