US - TX - Dallas, US - MA - Boston, US - CA - Los Angeles, US - TX - Austin, US - VA - Arlington
As a Cyber Intelligence Analyst at Rapid7, you will investigate the newest cyber events and threat actors and be exposed to trending global cyber events, dark web news, while use the IntSights Platform and your own research skills to find pieces of information, connect the dots and establish timelines of attack, identify threat actors interests and motivations and track down the bad guys that pose a threat to our customers.
You will need a thorough understanding of the cyber threat landscape, from malware types and attack vectors, web hacking and testing, to technical understanding of TTPs in order to replicate and mitigate them. You will also need a good OSINT investigation abilities and familiarity with various dark web communities and ecosystems.
Your role will include summarizing your findings and creating reports for our customers, which will require you to be independent and thorough, while creating an accurate and complete intelligence output in a sentence, a paragraph, or a highly detailed ten-page document.
What will you do?
· Track day-to-day emerging cyber events and identify those with the greatest impact on our customers.
· Receive client research requests and investigate them according to the time and scope defined. Use every tool at your disposal to get the information required and develop new ways to collect and find the necessary data.
· Analyze ongoing attacks as phishing, DDoS, data leakage and ransomware to assess their origin, purpose, and impact on our customers.
· Track down threat actors across the clear, deep, and dark web. Engage with hackers to retrieve more intelligence and collect unique information which is not otherwise accessible.
· Contribute to the infosec community through papers, blogs, and presentations on new and innovative findings.
· Be a leading knowledge source in information security and cyber matters supporting other departments with your knowledge and expertise.
· 1+ Years experience in cyber threat intelligence or equivalent role with a good knowledge in clear, deep and dark web forums and OSINT intelligence sources and tools.
· Experience in investigating threats, utilizing OSINT, HUMINT and other research techniques to uncover threat actors and their TTPs while providing context to threats and reaching conclusions from incomplete or missing data.
· Technical know-how on extracting threat data (IP's, domains, ports, malware, and malicious communications) from multiple sources.
· Business understanding and familiarity with corporate security solutions.
· Experience with writing English papers and reports (from 3 to 20 pages).
· Foreign languages proficiency, especially Russian or Spanish.
· Former experience in a threat intelligence position.
· Experience in conducting independent research including downloading and installing OSs, tools, and infrastructure.
· Ability to synthesize technical information and present it in an engaging manner through graphical and verbal depictions.