Careers @ Volexity

Posted: September 2022
Location: Remote/Global

Senior Threat Intelligence Analyst

Volexity is on the hunt for a Senior Threat Intelligence Analyst to help expand its rapidly growing Threat Intelligence service.

Job Description

You want to be one of the first to assist in investigating the attackers behind some of the most exciting incidents in the industry, such as the SolarWinds supply chain attack, Microsoft Exchange 0-days and other vulnerabilities. You have experience analyzing attacker infrastructure and tools, and investigating criminal and nation-state actors.

You are looking for a job opportunity where you can:

  • Expose the use of unknown vulnerabilities, tools, and tactics used by advanced threat groups.
  • Help protect NGOs, activists, dissidents, human rights defenders, and other highly targeted groups.
  • Work on investigations that you are personally invested in.
  • Contribute to open-source projects, if desired.
  • Be part of an industry-leading threat intelligence team.
  • Have flexible work hours and a remote-friendly environment.

Responsibilities

As a Senior Threat Intelligence Analyst, your responsibilities include:

  • Working closely with incident response and network monitoring teams to improve detection and bolster response efforts by finding additional tools, malware, and infrastructure
  • Identifying new and interesting threats leveraging proprietary, commercial, and open-source threat intelligence sources
  • Triaging malware to identify its purpose and function, and further extract key information that can be used to defend networks
  • Producing high-quality, written communication summarizing findings from investigations using succinct and clear language
  • Playing a key part in managing and publishing threat data to customers

Required Skills

As a Senior Threat Intelligence Analyst, your expected skillset will include the following:

  • Resourceful self-starter who is able to work with a team and independently when required
  • Good understanding of network protocols
  • Excellent knowledge of the current threat landscape and the TTPs of various threat actors
  • Introductory or higher proficiency in Python, with ability to produce scripts to manipulate data or interact with API endpoints to retrieve desired data
  • Introductory or higher proficiency in Malware Analysis
  • Moderate or higher proficiency in writing YARA and Suricata signatures; a successful candidate will be able to recognize the qualities of good signatures and create solid signatures for both the YARA and Suricata formats
  • High-quality written communication skills, with the ability to document findings for customers in long-form reporting, and (if desired) present to an external audience
  • Ability to quickly extract relevant threat intelligence from public reporting and apply that to various detection scenarios

Preferred Experience

Successful candidates for this role may demonstrate some of the following experience or skills:

  • Writing host-based detection logic for endpoint detection and response systems, such as Carbon Black, Defender for Endpoint, etc.
  • Maltego expertise, both writing transforms and general manipulation of the tool
  • Network analysis tools (Wireshark/Tshark, TCPDump, etc.)
  • Basic web-development experience to assist with building and maintaining systems used to automate and manage threat intelligence data
  • Experience building systems to provide ongoing intelligence on specific threat actors
  • Prior experience responding to interesting attacks, working directly in or with a SOC or IR team
  • Having an understanding of which facets of signatures can lead to false positives and how to avoid them

Collaboration

In terms of working with others, Senior Threat Intelligence Analysts will:

  • Work with different organizations and/or service providers to participate in threat intelligence sharing
  • Compile threat intelligence bulletins from multiple sources and report out to our valued customers
  • Maintain a strong working relationship with government or relevant business entities in threat intelligence


Volexity Inc. is an Equal Opportunity Employer.