Threat Intelligence & Vulnerability Analyst
The Threat Intelligence and Vulnerability Analyst (TIVA) is responsible for providing a combination of strategic, tactical and operational intelligence to the MDR Centre and its constituency. They gather and analyse tactical cyber threat and vulnerabilities intelligence and provide timely intelligence support to incident responders and guidance to threat hunter
• Establishes priority intelligence requirements for all key stakeholders.
• Demonstrates an understanding of business processes, risk management, and related
standards and regulatory requirements.
• Performs threat modeling to identify, classify, prioritize and rate threats based on thorough
analysis of the organization’s top risks and critical assets, and derive appropriate use cases to
be implemented into the MDR platform.
• Investigates and researches known indicators, correlates events, identifies malicious activity, and
discovers new sources to provide early warning for a variety of threats.
• Analyzes internal and external threat intelligence data sets, including vulnerabilities
intelligence, to detect and track emerging threats and security trends.
• Produces timely, accurate, relevant and predictive intelligence by identifying and reporting on
malicious actors, campaigns, and other relevant activities.
• Produces and delivers timely, actionable threat intelligence to foster situational awareness,
enable proactive decision-making, and promote enhanced active defense measures within True
• Monitors open source information feeds and threat actor activity to identify activity levels and
indicators for threats, targets of interest and possible attack vectors.
• Works with the other MDR Centre teams to ensure that actionable indicators of compromise are
incorporated into appropriate technologies.
• Proactively recommends short-term and long-term changes based on threat intelligence to
improve MDR Centre tools and detection capabilities.
• Bachelor's degree in a related field such as information security, management or computer engineering.
• Active CISSP & CISM certifications are required.
• Other relevant certifications (such as GCIH, GCIA, GCFA, GPEN, CEH, GWAPT and others)
• Experience working in the Information Security field, including any of the following: threat
intelligence, security operations, incident response, malware analysis, and/or vulnerability
• Experience with open source and Dark Web intelligence analysis tools.
• Prior experience in the Service Provider Industry is a plus.
• Experience operating all areas of the intelligence lifecycle.
• Experience in collecting intelligence from various information sources including but not limited
to: malware analysis, open source/paid feeds and technical reports.
• Possess experience in tracking evolving threats and providing threat intelligence support to
incident response teams.
• Excellent problem solving/analytical thinking skills.
• Demonstrable verbal and written communication skills.
• Ability to create and provide executive level presentations.
• Experience in collaborating as part of a larger security/intelligence team.
• Working experience in an MDR Centre, Security Operations Centre (SOC), Managed Security
Service (MSS), or enterprise network environment preferred.