Develop a baseline Threat and Risk Model:
Articulating current and emerging threats, along with suggested remediation plans and a gap analysis of emerging threats against existing SOC services to highlight areas of greatest risk.
The engagement requires the candidate to possess strong technical and analytical skills to build the relationship between assets, vulnerabilities, threats and risks, with a strategic and technical cyber intelligence skill set. 5-7 years' experience in cybersecurity with an in-depth understanding of threat intelligence and analysis, and of threat intel industry approaches and model(s).
Standard Job Requirements
- Develop a threat and risk model and underlying threat analysis process.
- Develop processes and procedures that enable ingested intelligence and vulnerability data to be transformed into an updated view of the organisation's threat landscape, with risk profiles specific to critical assets
- Develop threat scenarios and corresponding potential attack vectors, considering the top 5 threats
- Develop and recommend improvements to current playbooks for the top five threats
- Strong analytical and problem-solving skills
- Knowledge of security intelligence threats and threat actors.
- Knowledge of log formats for syslog, HTTP logs and DB logs, and how to gather forensics for traceability back to the event
- Knowledge of Indicators of Compromise frameworks, for example OpenIOC, and data formats like STIX, JSON, etc.
- Experience with log management or security information management tools
- Experience with or a good understanding of Threat Intelligence and Threat Hunting platforms
- Should have a good understanding of the SANS Top 20 Critical Security Controls and the Ten Steps to Cyber Security.
- Ability to make information security risk determinations based on threat intelligence analysis
- Effective verbal and written communication skills