Overview:
Core CFC helps defend its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats.
The Cyber Threat Intelligence Specialist has deep experience with the collection, analysis, processing, and distribution of threat intelligence in the Cyber Fusion Center.
The Threat Intelligence Specialist will play a crucial role in identifying, analyzing, and mitigating potential threats to our organization's digital infrastructure, ensuring the continued security and resilience of our systems. The candidate should possess a deep understanding of cyber threat landscapes, excellent analytical skills, and the ability to provide actionable insights to enhance our organization's security posture.
The Threat Intelligence Specialist will work within the CTI team in the Cyber Fusion Center for Core42. The analyst will work closely with multiple teams, including incident response, threat defense, attack surface management and security engineering, in a fast-moving and agile environment.
Core42 is the UAE’s national-scale enabler for cloud and generative AI, combining G42 Group’s expertise across multiple technology disciplines into a single platform for public sector and large enterprise transformations. Building on our capabilities as a sovereign cloud and HPC specialist, we bring generative AI, cybersecurity, professional and managed services expertise to enable national-scale program deployments across industries.
Responsibilities:
- Monitor and analyze various sources of threat intelligence, including open-source feeds, industry reports, dark web forums, and internal security data to identify emerging cyber threats, vulnerabilities, and attack techniques.
- Develop and implement strategic threat intelligence initiatives, guiding the organization's response to changing threat landscapes and threat actor behaviors.
- Identify trends and patterns in cyber-attack methodologies, tactics, techniques, and procedures (TTPs) to proactively assess potential risks to the organization's systems and assets.
- Monitor various online channels, including social media platforms, forums, and dark web forums, for mentions of our clients' brands and potential threats.
- Create and deliver comprehensive threat intelligence reports, briefings, and presentations to inform stakeholders at various levels of the organization about emerging threats, risks, and recommended mitigation strategies.
- Lead threat intelligence efforts during security incidents, providing expert guidance to incident response teams to ensure rapid and effective resolution.
- Stay up to date with the latest cyber threat landscape, industry trends, and advancements in threat intelligence methodologies to ensure the organization remains ahead of potential threats.
Essential Job Functions
- Lead the day-to-day Cyber Threat Intelligence operations as an individual contributor.
- Leverage the threat intelligence lifecycle and priority intelligence requirements to track threat actors, research cyber threats, conduct analysis and create threat intelligence reporting to support Core42 CFC’s stakeholders.
- Analyze external technical and non-technical data from various intelligence sources to build threat actor profiles and track threat actor activities both externally and internally.
- Research new and emerging vulnerabilities and threat actors' tactics, techniques, and procedures, and conduct threat hunting within the environment for the presence of related activity.
- Collaborate with members of the Cyber Fusion Center on emerging threats and cyber threat actors' activities, targeting, and operational tempo.
- Support and perform investigation and escalation of sophisticated or high-severity security threats or incidents.
- Integrate Threat Intelligence and Digital Risk services with multiple security detection and response technologies.
Qualifications:
Required qualifications
- BA/BS/BE or MS degree in IT, Computer Science or equivalent required.
- 5+ years of experience in one or more of the following areas: Threat Intelligence, Incident Response, Digital Forensics or Malware Analysis.
- 2+ years of experience with Threat Intelligence platforms such as Anomali, MISP, OpenCTI, ThreatConnect, etc.
- Experience with intelligence exchange protocols: STIX/TAXII.
- Working knowledge of security-related scripting, Python, SOAP/REST APIs, JSON, Kusto/KQL, and PowerShell.
- Experience with SOC SOPs, playbooks, work instructions and/or other process documents.
- Relevant professional certifications in information technology or cloud security, e.g. CISSP, CCSP, SANS FOR578 (GCTI), SANS 508 (GCFA), etc.
- In-depth understanding of industry-standard threat frameworks (Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK).
Good to have
- Experience working in, or related to, threat intelligence in Operational Technology (OT), Industrial Control Systems (ICS) and/or IoT industries.
- Experience working with various Cloud platforms, such as Azure, AWS or GCP.
- Experience working with artificial intelligence and machine learning technologies used for security detection.
What we look for:
If you are a performance-driven, inquisitive mind with the agility to adapt to ambiguity, you will fit right in. You should be eager to explore opportunities to build meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. A bias for action and a passion to conquer new frontiers in the AI space are at the heart of the Core42 community.
What working at Core42 offers:
Culture: An open, diverse, and inclusive environment with a global vision that encourages personal growth and focuses on groundbreaking, industry-first innovations.
Career: Outstanding learning, development & growth opportunities via structured training programs and innovative, high-tech projects.
Work-Life: A hybrid work policy to strike the perfect balance between office and home.
Rewards: A competitive remuneration package with a host of perks including healthcare, education support, leave benefits and more.
To confidently demonstrate that you meet the criteria above, please contact us.