Senior Cyber Threat Intelligence Analyst Briefer

SUMMARY

The Senior Cyber Threat Intelligence (CTI) Analyst Briefer is a motivated, independent, and critical thinker that plays a critical role in the application of threat intelligence for the enablement of a stakeholders' network security. The analyst will address threat intelligence needs, leverage Arete's unique knowledge, analyze threat intelligence data from various sources, and interpret the information, to produce informative products, briefs, reports, marketing collateral, and other means of supporting stakeholders with actionable insights to enhance their cybersecurity posture.

During client engagements, the Sr. CTI Analyst Briefer works closely with a team of experts to provide case support, and analysis of alternatives to advise clients. The analyst will build a relationship with the client or stakeholder to ensure the engagement's objectives and expectations are met based on the client's request. They will leverage their technical expertise in Cybersecurity, CTI, Threat Detection, Dark Web, Incident Response and Digital Forensics (DFIR) to successfully execute responsibilities. The work may occasionally include after-hours support during major engagements.

ROLES & RESPONSIBILITIES

• Works with stakeholders to determine cyber threat intelligence needs and requirements and identify the most effective methods for fulfilling these unique requirements.
• Conducts research into current threat activity to determine relevant threat intelligence by collecting, analyzing, and interpreting threat intelligence data from various sources, including open-source intelligence (OSINT), commercial feeds, internal logs, and dark web monitoring.
• Monitors and tracks cyber-crime and advanced persistent threats and report on their tools, techniques, and procedures (TTPs) of attacker's motivations, industry, and attacker trends.
• Works with the team to help evaluate current and emerging tools and best-practices for tracking cyber-crime and advanced persistent threats.
• Provides support for intelligence activities, initiatives, and projects.
• Produces briefing material, written products, and graphics to convey analysis, both verbally and in writing, to a variety of audiences.
• As required; presents tactical, operational, and/or strategic intelligence about threat groups, methodologies, and motivations behind their activity.
• Correlates threat intelligence to identify relevant threat activity and trends.
• Analyzes the origins, pathways, and methodologies of malicious cyber activities to attribute, model and predict future intrusions.
• Engages with external entities, such as industry sharing groups, government agencies, and intelligence communities, to exchange information and collaborate on threat intelligence initiatives.
• Contributes to the development and enhancement of threat intelligence tools, technologies, and processes to improve automation, data analysis, intelligence sharing, and service offerings.
• Collects accurate information from clients to be able to complete requests.
• Participates in communications with the client during the engagement for matters related to cyber threat intelligence, such as dark web research.
• Ensures requests are delivered to the internal stakeholder, client, and/or counsel in a timely fashion.
• Ensures communication with clients are frequent and reporting any issues to the CTI Leader.
• Communicates pertinent findings to the Engagement Lead during investigations.
• Ensures final reports are accurate and professional meeting the request objectives. Seeks and obtains a peer review from a member of the team before delivering final reports.
• Develops compelling and accurate written content, including reports, articles, blog posts, whitepapers, weekly and quarterly threat reports, and other collateral, to effectively communicate cyber threat intelligence findings to both technical and non-technical audiences.
• Translates complex technical concepts and cyber threat intelligence data into compelling and accessible language, emphasizing the benefits and competitive advantages of our cybersecurity solutions.

• May perform other duties as assigned by management.

SKILLS & KNOWLEDGE

• Knowledge of CTI, Dark Web, malware analysis, or countermeasure development.
• Practical hands-on experience with Cyber Threat Intelligence concepts.
• Ability to work effectively in a fast-paced, dynamic environment and follow through with assigned tasks to meet deadlines.
• Familiarity with malware analysis and understanding of technical reports generated by malware analysts and sandbox systems.
• Knowledge of different Cybercrime threat actor groups, and their TTPs.
• Ability to learn and hunt in endpoint telemetry data to identify threats.
• Knowledge or experience of ransom negotiations.
• Ability to correlate threat intelligence, from the industry or region, to observed activity impacting clients.
• Ability to work under a minimal supervision environment maintaining high quality analytical production and excellent relationship with stakeholders.
• Ability to manage relationships with stakeholders.
• Adaptable and willing to learn new technologies.

JOB REQUIREMENTS

• Bachelor's degree in Cybersecurity, Intelligence Studies, Political Science, Information Assurance, Computer Science, Engineering, or related field. Graduate degree preferred.
• 5+ years of proven experience in cyber threat intelligence analysis, incident response, or a related field.
• Excellent written and verbal communication skills, with the ability to present technical information to both technical and non-technical stakeholders.
• Ability to follow guidance to take non-traditional and creative approaches to solving problems and having the ability to quickly adapt as needed.
• Familiarity with threat intelligence platforms, tools, and standards such as MISP, ThreatConnect, STIX/TAXII.

DISCLAIMER

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties and skills required personnel so classified.

WORK ENVIRONMENT

While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions of this job.

PHYSICAL DEMANDS

• No physical exertion required.
• Up to 25% travel within or outside of the state.
• Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects.

TERMS OF EMPLOYMENT

Salary and benefits shall be paid consistent with Arete salary and benefit policy.

FLSA OVERTIME CATEGORY

Job is exempt from the overtime provisions of the Fair Labor Standards Act.

DECLARATION

The Arete Incident Response Human Resources Department retains the sole right and discretion to make changes to this job description.

EQUAL EMPLOYMENT OPPORTUNITY

We're proud to be an equal opportunity employer- and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.

#LI-ONSITE

#LI-HYBRID

#LI-REMOTE

Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.

When you join Arete

You'll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we're about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.