Threat Intelligence Job Description
Threat intelligence
provides research support on cyber threat intelligence for customers in Cyber Operations, Security Assurance, and the Red Team.
Threat Intelligence Duties & Responsibilities
To write an effective threat intelligence job description, begin by listing detailed duties, responsibilities and expectations. We have included threat intelligence job description templates that you can modify and use.
Sample responsibilities for this position include:
Experience with a variety of security-related processes, including secure coding practices, patch management, vulnerability analysis, IDS/IPS, and malware analysis
Strong understanding of common threat scenarios and attack techniques to include vulnerability exploitation, malicious code, email-based attacks, web browser attacks, denial-of-service
Responsible for defining information security policies and procedures
Develop and maintain relationships with key support areas, platform owners and LOB’s to provide ongoing input for accurate risk assessment, helping identify security risks in applications and provide guidance in the implementing of appropriate data security procedures and products
Contribute to the review and improvement of processes and procedures within the department to achieve maximum efficiency
Identifying new sources for intelligence collection
Rating and reviewing intelligence sources on a periodic basis
Automating intelligence gathering
The maintenance of automated and vendor feeds
Open Source Intelligence Collection and analysis
Threat Intelligence Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Threat Intelligence
List any licenses or certifications required by the position: CISSP, SANS, CEH, GCIH, GSEC, SEC504, GCIA, SEC503, GIAC, GREM
Education for Threat Intelligence
Typically a job would require a certain level of education.
Employers hiring for the threat intelligence job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Intelligence, Education, Information Security, Cyber Security, Computer Engineering, Engineering, Technical, Technology, Information Technology
Skills for Threat Intelligence
Desired skills for threat intelligence include:
Techniques
Procedures
Networking
Cyber Kill Chain
Malware
Relevant network defense and intelligence frameworks
Foundational threat intelligence analysis frameworks
Detect
Respond security operations
Standard monitor
Desired experience for threat intelligence includes:
Certifications in security preferred (eg
5 years experience in enterprise-wide information security and 2 years in managing PCI compliance in a PCI compliant environment
Knowledge of information security industry standards/best practices and compliance with security laws and regulations (FDIC, FFIEC, and Gramm-Leach Bliley Act)
3+ years experience in security control audits/evaluations of internal and outsourced information systems
Current designation and maintenance of Certified Payment Card Industry Security Manager (CPISM)
Current designation and maintenance of a Certified Information Systems Security Professional (CISSP) or similar certification
Threat Intelligence Examples
1
Threat Intelligence Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of threat intelligence. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for threat intelligence
- Developing, implementing, and supervising the execution of processes to ensure a repeatable, but agile, methodology exists to quickly evaluate and implement effective threat intelligence products and services for a variety of internal, executive, and external stakeholders
- Building and overseeing the implementation of tools and technologies to realize the overarching threat intelligence, partnering heavily with our SunTrust Security Operations Center, Security Engineering, and IT Engineering groups as necessary
- Supervising and mentoring intelligence analysts in ensuring that threat intelligence products and services are consistently delivered with high degrees of quality
- Partnering effectively at all levels of the technology organization and with business partners, where needed, to ensure that new or existing cyber security controls are implemented with limited or ideally no impacts to the user experience
- Knowledge of classes of software vulnerabilities and threats and of database query languages
- Familiarity with industry-standard classification schemes (CVE, CVSS, CWE, CPE, CAPEC)
- Strong understanding of host and network security concepts, such as system hardening, log management, intrusion detection & prevention systems, firewalls
- Proficiency with at least one programming or scripting language, such as Python, Perl, .NET
- Verifies that application software/network/system security postures are implemented as stated, documents deviations, and recommends required actions to correct those deviations
- Manages and administers the updating of rules and signatures (e.g., intrusion detection/protection systems, anti-virus, and content blacklists) for specialized cyber defense applications
Qualifications for threat intelligence
- Bachelor’s degree and/or equivalent work experience- 5+ years of security, network or operating system related technologies experience – SOC or Threat Intelligence experience also preferred
- Experience in scripting to improve process automation
- Subject matter expert (SME) in one or multiple areas such as SIEM, Proxy or Firewall administration, IDS/IPS, Threat Detection, or Information Risk
- Experience in reviewing and analyzing log files and data correlation
- 7 or more years of experience in information systems security
- Knowledge of computing laws and regulations
2
Threat Intelligence Job Description
Job Description Example
Our growing company is looking for a threat intelligence. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for threat intelligence
- Compose white papers about your research for publication
- Contribute to our well-read blog about any technical topic of interest, including day-to-day work or outside interests, when possible
- Direction, productization, and full lifecycle management of threat intelligence-related products and features
- Executes an intelligence life cycle, including requirements gathering, intelligence collection, analysis, targeted distribution, and feedback to produce relevant, timely, accurate, and actionable intelligence providing the “who, what, when, where, why, how, and importance” of cyber threats including those associated with espionage, hacktivism, cybercrime, malicious software, social engineering, and emerging threats
- Collaborates with internal partners to provide intelligence and reporting which meets business needs
- On behalf of Global Cybersecurity, prepare and deliver regular written and verbal briefings across all levels of the enterprise delivering authorised briefings to external clients when required
- The analyst leads TI activities as a customer surrogate in support of enterprise-level cyber security incidents, provides situational awareness to appropriate personnel through clear and concise communications, and promotes a proactive response to possible threats by staying current with, analyzing, and identifying mitigations for emerging threats to the customer’s IT infrastructure
- In order to accomplish these tasks, the analyst works closely with cyber intelligence analysts, digital forensics investigators, malicious code reverse engineers, Cyber Security Operations Center (CSOC) analysts, and customer leadership affected by cyber security events
- Focusing on enterprise-level TI, responsibilities entail developing and operationalizing TI in support of CSOC investigations of suspected intrusions, pro-active management of enterprise information security resources, and the technical evaluation of enterprise networks, systems, and applications against the cyber threat and associated risk of cyber attack
- Provide accurate, complete and timely written documentation for all project phases including ongoing status reports and deliverables detailing technical issues identified and their associated business risks
Qualifications for threat intelligence
- Possess security certifications (CISSP, CCNA, CEH)
- Proven experience performing or leading cyber threat management and intelligence, to including collection and aggregation of threat data, automated or manual analysis, and reporting
- Strong knowledge of a broad array of other systems security technical controls and processes (e.g., identity & access management, system hardening, audit and log file monitoring, DLP, security policies, incident response, intrusion prevention, vulnerability management)
- Working knowledge of relevant financial industry cyber security regulations, standards, and controls frameworks, FFIEC, PCI-DSS, GLBA, ISO 2700x)
- Bachelor Degree in computer sciences, engineering, information security or an equivalent combination of education, training, and experience
- Microsoft Certified Systems Engineer (MCSE) and Information Systems Security Professional (ISSP) certifications expected
3
Threat Intelligence Job Description
Job Description Example
Our company is growing rapidly and is hiring for a threat intelligence. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for threat intelligence
- Establish and maintain rapport with client technical staff and management staff
- Escalate engagement and client related issues, where appropriate, to engagement lead
- Provide deliverables and status reports with engagement results and remediation guidance
- Assist with Cyber Threat Intelligence research in support of internal projects
- Contribute to public research objectives
- Team leader within the Security Operations team focused on establishing and delivering a threat intelligence capability
- Producing, editing, and distributing a variety of concise and actionable threat analysis and warning products in written and presentation form to an audience that spans a range of customers from senior company executives to security analysts and system administrators
- Conducting studies and making recommendations to identify cyber threats
- Identifying and developing threat signatures from all available sources
- Apply critical thinking and writing with a focus on attacker capability to destroy, degrade or deny access to systems and information
Qualifications for threat intelligence
- Nine or more years of experience in computer forensic analysis
- Fundamental Internet protocols, services, and technologies (e.g., HTTP/HTTPS, DNS, SMTP, SSH, LDAP, TCP/IP, ICMP, JSON, REST)
- Excellent technical writing abilities verbal communication skills
- Technical expertise and/or breadth in systems environments and strategic technologies
- Reverse engineering and experience on multiple platforms
- Threat intelligence correlation experience is a plus
4
Threat Intelligence Job Description
Job Description Example
Our growing company is hiring for a threat intelligence. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for threat intelligence
- Assists in the refinement of the application penetration testing framework, including deliverables, custom script development, testing methods and techniques, and ongoing research
- Work with other IT support departments to ensure best practices are followed for maintaining SEP
- Utilize experience analyzing and synthesizing information with other relevant data sources, providing guidance to analysts and operators, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analyses with available threat feed data
- Communicate to team members and senior leadership both quantifiable and qualifiable cyber risk to the organization through operational briefings and threat intelligence reports
- Train and mentor junior team members on intelligence analysis
- Develop and use predictive analytics to counter threats by tracking attack campaigns
- Provide actionable information by producing
- Conduct studies and make recommendations to produce a library of cyber threats
- Collaborate with teammates to develop focused threat intelligence that protects our clients
- Perform a thorough assessment of Customer Enterprise risks and identify areas of improvement within the Security landscape
Qualifications for threat intelligence
- Strong communication skills, particularly written communication
- At least one security related certifications CISSP, CISM, CISA
- Experience with support of Information Security operational needs incident response, problem management, investigation support, data collection, and Information Security initiatives
- Ability to manage teams including scheduling, performance review and handling personnel issues
- Ability to write threat analysis reports and provide mitigation recommendations
- Demonstrated drive and interest in security topics
5
Threat Intelligence Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of threat intelligence. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for threat intelligence
- Continuous development of advance hunt techniques for the identification of threat actors across the McDonalds environment
- Develop new threat intelligence, detection, and hardening strategies
- Provide information protection expertise to operational teams to ensure systems are properly protected and monitored by design
- Profile new and emerging threats to the technology landscape
- Enhance internal investigation capabilities for responding to security events
- Serve as a member of the incident response team, providing mentoring to other team members as needed, while performing Level 2 support
- Contribute ideas to the future state technology roadmap ensuring effective investments are made to enable scale, quality, and maintenance and overall cost effectiveness
- Operate the SIEM and Security Analytics systems along with security monitoring and third party tools used for intrusion analysis and incident response
- Support information security investigations
- Refresh / develop new threat intelligence, detection, hardening strategies
Qualifications for threat intelligence
- B-degree in a Technology related field (NQF level no
- Strong programming skills in multiple languages (Python, Ruby, C, etc)
- Experience with cloud services and building distributed, scalable applications
- Experience with containers technologies
- Intermediate programming proficiency in the Python language
- Desire to learn more about data breaches and the methodologies attackers use to accomplish their tasks