MUST HAVE certification in either CISSP or CISA or both.
Strong knowledge of Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
Working knowledge of IS programs including Incident Management, Vulnerability Assessment, Cyber Intelligence, Infrastructure Defence, Security Operations
Provide advice and guidance in relation to Threat Intelligence as and when required
Measure the effectiveness of the Cyber hunting capabilities to ensure appropriate plans are in place to address lower performance and ineffective practices
Conduct Network, Endpoint and log analysis by utilizing various consoles on a regular basis (SIEM, Firewalls, IPS, etc.)
Track Cyber threat actors/campaigns based on the technical analysis and open source intelligence
Research and track new exploits and cyber threats
Understanding of attack methodologies and defense strategies (e.g. SQL injection, buffer overflow, DoS, ARP poisoning, etc.)
A thorough understanding of the cyber threat intelligence lifecycle, Cyber Kill Chain, and Diamond Model
Conduct complex analysis and interpret cybersecurity threat intelligence to identify emerging risks and vulnerabilities, quantify potential impact, develop conclusions and recommend supervisory responses
Engagement with IT and other related units to provide inputs and requirements to influence threat mitigation strategies
Analysis of internal risk and security data controls to identify security weaknesses
Manage and consolidate the cyber threat data sources, compile reports and provide
Lead the enhancement and optimization of implemented reporting mechanisms to demonstrate the value of the Cyber Intelligence function with tangible benefits
Liaison for external intelligence agencies and law enforcement
Leads consulting and subject matter expert engagement for enterprise security services