Threat Intelligence Analyst

Job Purpose The primary function of this role is to monitor the ENOC environment on 24 7 basis and conduct intelligence gathering to identify monitor assess and counter the threat posed by cyber threat actors against ENOC IT OT assets In addition to preforming advance threat modelling of the cyber security incident and escalate to Cyber Intelligence Center Manager as per approved policies processes and procedures Principal Accountabilities Operational Follow response procedures and other CIC related SOPs based on the incident impact analysis predetermined response actions procedures Manage the communication of policies guidelines and monitor the compliance CIC operations to the cybersecurity policies guidelines Identify cyber threats trends and new developments on various cyber security topics by analysing raw intelligence and data Track developments and changes in the technology field and cyber threat environments to ensure that theyre adequately addressed in cyber security strategy plans and architecture artefacts Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action Monitor security vulnerability information from vendors and third parties Establish a taxonomy of indicators of compromise IOCs and share this detail with other security unites including the security operations center CIC Perform analysis of data and information pertaining to ENOC line of business as well as critical infrastructure current cybersecurity posture specifically as it pertains to indicators of compromise e g implants backdoors and other malware which indicate the presence of a persistent adversary produce quality intelligence reports for management and other teams Apply understood analytic tradecraft to gathered intelligence in a consistent manner Investigate document and report on information cybersecurity issues and emerging trends Identify and monitor the Tactics Techniques and Procedures TTPs used by cyber threat actors by analysing raw intelligence and data Identify intelligence gaps and submit requests for information to fill gaps Provide actionable strategic technical and tactical cyber information and intelligence through reports briefings and presentations Make analytical predictions about cyber threat actors and their future activities based on what is already known about them Effectively recognize threats by performing relevant research and data analysis using both internal and external tools and resources Work closely with security analysts and senior analysist to get direct feedback about new unknown suspicious behaviour Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC Participate in Development and implementation of new correlation rules and usecases in SIEM and enhance the monitoring and detection capabilities of the CIC to integrate SIEM with other monitoring tools with appropriate scripting knowledge skills Should be oncall 24 hours per day to respond to cyber security emergences Additional Principal Accountabilities Experience Education Degree Bachelor s degree in Computer Science Engineering or Business field or equivalent Diploma with additional relevant experience Required professional certifications Professional certificate such as CISSP GCTI GCFA GNFA Experience 7 years of Information security or technology experience 4 years in relevant experience Working experience in multiple industries e g Energy Utilities Retail Government is preferable Working experience in cyber security threats monitoring and handling Exposer to OT security operation center experience will be a pulse You will be redirected to the company website to apply for this position