Cyber Threat Intelligence Manager
Abu Dhabi
Salt is partnering with the leading provider of cloud and IT infrastructure services, specializing in managed cloud solutions and digital transformation for enterprise clients based in Abu Dhabi.
As an urgent opening, they are looking for a Cyber Threat Intelligence Manager who will play a crucial role in identifying, analyzing, and mitigating potential threats to the organization's digital infrastructure, ensuring the continued security and resilience of their systems.
Key responsibilities
- Monitor and analyse various sources of threat intelligence, including open-source feeds, industry reports, dark web forums, and internal security data to identify emerging cyber threats, vulnerabilities, and attack techniques.
- Develop and implement strategic threat intelligence initiatives, guiding the organization's response to changing threat landscapes and threat actor behaviors.
- Identify trends and patterns in cyber-attack methodologies, tactics, techniques, and procedures (TTPs) to proactively assess potential risks to the organization's systems and assets.
- Monitor various online channels, including social media platforms, forums, and dark web forums, for mentions of our clients' brands and potential threats.
- Create and deliver comprehensive threat intelligence reports, briefings, and presentations to inform stakeholders at various levels of the organization about emerging threats, risks, and recommended mitigation strategies.
- Lead threat intelligence efforts during security incidents, providing expert guidance to incident response teams to ensure rapid and effective resolution.
Qualifications and experience
- BA/BS/BE or MS degree in IT, Computer Science or equivalent required.
- 7+ years of experience in one or more of the following areas: Threat Intelligence, Incident Response, Digital Forensics or Malware Analysis.
- 2+ years of experience with Threat Intelligence platforms such as Anomali, MISP, OpenCTI, ThreatConnect, etc.
- Experience with intelligence exchange protocols: STIX/TAXII.
- Working knowledge of security-related scripting, Python, SOAP/REST APIs, JSON, Kusto/KQL, and PowerShell.
- Experience with SOC SOPs, playbooks, work instructions and/or other process documents.
- SANS certifications.
- In-depth understanding of industry-standard threat frameworks (Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK).