Cyber Threat Intelligence Analyst

Australia - Melbourne

Location(s)

Australia - Melbourne

Team(s)

Information Security, IntSights


      

We are IntSights, a Rapid7 company, that has created a market shifting solution to DETECT, ANALYZE and REMEDIATE​ all kinds of threats and malicious information in the clear, dark & deep web.

Rapid7 (NASDAQ: RPD) is helping organizations around the globe advance securely. Our technology, services, and community-focused research simplify complexity for security teams, helping them reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. With more than 9000 customers across 120+ countries, Rapid7 is a recognized leader in cybersecurity that has proudly earned numerous industry accolades and strong recognition for our technology and culture.

We're searching for a Cyber Threat Intelligence Analyst to join our “Threat Command” team and take our threat intelligence analysis capabilities to the next levels.

As a Cyber Threat Intelligence Analyst at Rapid7, you will investigate trending global cyber events and emerging dark web threats, while using the IntSights platform and your own research skills to find pieces of information, connect the dots and establish timelines of attack, identify threat actors interests and motivations and track down the bad guys that pose a threat to our customers. 

You will gain a thorough understanding of the cyber threat landscape, from malware types and attack vectors to technical understanding of TTPs and their associated threat in order to replicate and mitigate them. This role will require excellent OSINT investigation abilities and familiarity with various dark web communities and ecosystems, coupled with advanced knowledge in cybersecurity fundamentals and underlying concepts.

Your role will include responding to clients' RFIs and creating intelligence reports, which will require an independent, thorough and diverse individual, capable of creating accurate and complete intelligence outputs, while also being “customer first” in the highest industry standards. 

What will you do?

·        Respond to customers' RFIs and investigate them according to the time and scope defined, while using every tool and technique at your disposal to uncover new information.

·        Educate and empower our customers, providing them with additional context on various threats and advising on best practices.

·        Analyze ongoing attacks as phishing, DDoS, data leakage, ransomware and more, to assess their origin, purpose, and impact on our customers.

·        Track down and engage with threat actors across the clear, deep, and dark web to gain further insights and intelligence which is otherwise not accessible. 

·        Be a leading source of knowledge in threat intelligence, supporting other departments using your wide set of skills and expertise.

Requirements

·        1+ Years experience in cyber threat intelligence or equivalent role with advanced familiarity with cybercrime communities and OSINT sources and tools.

 ·        2+ Years experience in the cybersecurity industry or equivalent knowledge in cybersecurity fundamentals and underlying concepts gained through formal education.     

·        Experience in a customer-oriented role and able to grasp, synthesize and summarize complex concepts in a clear and engaging manner.  

·        Experience in investigating threats, utilizing OSINT, HUMINT and other research techniques to uncover threat actors and their TTPs while providing context to threats and reaching conclusions from incomplete or missing data.

·        Technical know-how on extracting threat data (IP's, domains, ports, malware, and malicious communications) from multiple sources.

·        Business understanding and familiarly with corporate security solutions.

·        Excellent verbal and written communication skills in English.      

 

Advantage

·         Bachelor's degree in a relevant discipline.

 ·         Foreign languages proficiency, Russian or Spanish preferred.

 ·         Former experience in a threat intelligence position.

·         Experience utilizing ticket systems and associated workflows (Zendesk or Salesforce preferred).