
This role is closed!

Threat Detection Analyst

Essentials

Job title: Threat Detection Analyst (Middle or Senior)
Location: Bucharest, Hybrid
Type: employment contract

Offer

Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of people worldwide
Working in a fast-paced and performance driven culture
Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
Competitive compensation and benefits package
Vast amounts of data to validate your ideas and the opportunity to experiment with real users

Client

Our client is a newly established Center of Excellence based in Bucharest, Romania, created to support the growing business.
The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all our client's brands. As part of our client's Romania team, you will have the opportunity to be a part of the world's leading provider of online travel, with a mission of making it easier for everyone to experience the world through six primary consumer-facing brands.

Role

The Threat Detection Engineer will share a passion for engineering solutions to complex security problems. The cybersecurity threat intelligence analyst is an advanced and highly trusted role supporting the enterprise cybersecurity program. Additionally, the cybersecurity threat intelligence engineer serves across all areas of threat intelligence to help inform and defend the business and protect brand reputation. The threat detection engineer monitors application, host and network threats, including external threat actors and rogue insiders. As a trusted member of the cybersecurity team and industry community, the analyst works closely with internal technical teams, business units and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, government agencies and public affiliation peers.
The cybersecurity threat intelligence analyst is responsible for conducting in-depth research, application development, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Among the research conducted, the analyst will seek to uncover patterns and trends and be forward-thinking as to how threats may evolve. Furthermore, the analyst will participate in simulation exercises designed to uncover weaknesses related to threats, with the goal of implementing defensive solutions prior to attacks and disrupting attacks in progress. The analyst will also distill threat intelligence so technical and non-technical contacts can understand it and make educated decisions about next-step actions.
Ideal candidates will understand networking fundamentals and infrastructure systems and be familiar with cloud. They must be detail oriented, able to manage multiple tasks, and able to work independently as well as in a team setting. Excellent communication skills, collaboration skills and the ability to adapt to shifting priorities are critical.

Responsibilities

Research current and emerging threats facing the business and industry sector
Track threat actor infrastructure and associated malware families
Centralize multiple threat sources (premium, industry-shared, open-source, dark web), correlate indicators and threats, and distill actionable intelligence
Use automation to efficiently streamline and de-duplicate threats for playbooks, but use human analysis for actionable decision-making
Actively hunt for exposures and identify incidents warranting action to disrupt and remediate threats
Use and assign indicator severity and impact ratings to determine appropriate plans of action
Document threats into contextual reports outlining severity, urgency and impact, and ensure they can be understood by both management and technical teams
Serve as a trusted advisor to establish credibility with business unit leadership and technical teams
Share relevant information with stakeholders and make recommendations for next steps when facing threats
Actively participate in threat hunting tabletop exercises to hone and strengthen skills across the team
Evaluate and implement deception techniques designed to thwart adversaries
Work closely with security leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure
Actively inform and engage in security projects across the business to disrupt active or potential threats
Be readily available to participate in collaborative threat analysis meetings with internal and external trusted entities
Analyze known and emerging threats to determine risks
Participate in collecting, assessing, and cataloging threat indicators
Assist with the creation and/or maintenance of operational security metrics with dashboards and reports

Requirements

At least 4-7 years of cybersecurity experience (or information technology coupled with cybersecurity)
Strong written and verbal communication skills across all levels of the organization
Applicable knowledge of adversary tactics, techniques and procedures (TTPs)
Familiarity with MITRE ATT&CK framework, CVSS, open source intelligence (OSINT) and deception techniques
Demonstrated ability to investigate, handle and track incidents
Proficient in SIEM, intrusion detection and prevention systems (IDS/IPS), threat intelligence platforms and security orchestration, automation and response (SOAR) solutions to centralize and manage incident and remediation workflow
Ability to analyze incident logs, assess malware, and understand vulnerabilities and exploits, along with strong operating systems knowledge
Experience in incident handling, vulnerability management, hacking tools, intelligence gathering and kill chain methodology
Proven threat hunting experience and ability to track adversaries
Demonstrated experience conducting tabletop exercises and adversary emulation
Capable of working with diverse teams and promoting an enterprise-wide positive security culture

Apply today

If you meet the minimum requirements and are interested in applying for this position, please send your details to careers@key-talents.com with “Threat Detection Analyst” in the subject line.