Job Description
Volexity’s Senior Threat Intelligence Analysts assist in investigating the attackers behind some of the most exciting incidents in the industry, exploring threat actors using previously unseen techniques and new vulnerabilities.
Individuals applying for this role should expect a job opportunity where they can:
- Expose the use of unknown vulnerabilities, tools, and tactics used by advanced threat groups.
- Help protect NGOs, activists, dissidents, human rights defenders, and other highly targeted groups.
- Work on investigations that you are personally invested in.
- Contribute to open-source projects, if desired.
- Be part of an industry-leading threat intelligence team.
- Have flexible work hours and a remote-friendly environment.
Candidates are expected to have experience analyzing attacker infrastructure and tools, and investigating criminal and nation-state actors.
Responsibilities
The responsibilities of a Senior Threat Intelligence Analyst will include:
- Working closely with incident response and network security monitoring teams to improve detection and bolster response efforts by finding additional tools, malware, and infrastructure
- Identifying new and interesting threats leveraging proprietary, commercial, and open-source data sources
- Triaging malware to identify its purpose and function, and further extracting key information that can be used to defend networks
- Producing high-quality, written communication summarizing findings from investigations using succinct and clear language
- Playing a key part in managing and publishing threat data to customers
Required Skills & Experience
As a Senior Threat Intelligence Analyst, the expected skills and experience will include:
- At least three years of experience working in Threat Intelligence or a functionally-adjacent role
- Excellent knowledge of the current threat landscape and the TTPs of various threat actors
- Resourceful self-starter who is able to work with a team and independently when required
- Introductory or higher proficiency in Python, with ability to produce scripts to manipulate data or interact with API endpoints to retrieve desired data
- Introductory or higher proficiency in Malware Analysis
- Moderate or higher proficiency in writing YARA and Suricata signatures; a successful candidate will be able to recognize the qualities of good signatures and create solid signatures for both the YARA and Suricata formats
- Moderate or higher proficiency in analyzing attacker infrastructure via banner data services or other means
- High-quality written communication skills, with the ability to document findings for customers in long-form reporting
- Ability to quickly extract relevant threat intelligence from public reporting and apply that to various detection scenarios
Preferred Experience
Successful candidates for this role may also demonstrate some of the following:
- Use of Maltego to explore attacker infrastructure
- Experience building simple systems to provide ongoing intelligence on specific threat actors
- Experience in publicly presenting details of attacks to non-technical audiences
- Prior experience responding to interesting attacks, working directly in or with a SOC or IR team
- Having an understanding of which facets of signatures can lead to false positives and how to avoid them
Collaboration
In terms of working with others, Senior Threat Intelligence Analysts will be expected to:
- Work with different organizations and/or service providers to participate in threat intelligence sharing
- Build strong relationships with relevant stakeholders in other teams within Volexity
- Compile threat intelligence reporting from multiple sources and report out to our valued customers
- Maintain a strong working relationship with government or relevant business entities in threat intelligence
Volexity Inc. is an Equal Opportunity Employer.