Threat Intelligence and Hunt OPS Lead
Business Unit: Carrier
Job ID: 30078911
City: Gdańsk
State: Pomeranian
Country: Poland
Location: Heweliusza 18, 80-890 Gdańsk, Poland
The Threat Intelligence and Hunt (TIH) Lead is responsible for identifying new and emerging threats to the Carrier network, identifying attacks that stem from those threats, and developing detective and preventive controls to mitigate future risk. The TIH Lead must be well rounded in all aspects of cyber defense, ideally with experience in incident response, forensics / malware analysis, threat hunting, and detection content development. The ideal candidate will be able to leverage extensive experience to convey company risk and response actions to a wide-ranging audience of executive and highly technical groups.
Responsibilities:
- Monitor intelligence sources to identify threats to the Carrier network.
- Curate and disseminate relevant threat intelligence to Carrier leadership and key stakeholders.
- Map threats to the MITRE ATT&CK framework to form risk assessments.
- Identify, develop, and lead threat hunt engagements.
- Proofread detection strategies for logical flaws and detection viability.
- Convey technical concepts to a wide range of technical and executive members.
- Baseline attacker methodologies and compare them against existing countermeasures to assess residual risk.
- Present findings from the Intelligence, Hunt, and Content teams to key stakeholders within Carrier leadership.
- Lead efforts to mitigate risk within the organization through cross-team collaboration.
Basic Qualifications & Experience:
- Understanding of the Cyber Kill Chain.
- Rule development experience (YARA, Snort, Bro/Zeek, etc.).
- Ability to proofread detection logic for flaws within alerting strategy.
- Extensive understanding of the MITRE ATT&CK framework.
- Ability to lead and train analysts from cradle-to-grave threat detection to remediation.
- Understanding of the Diamond Model of Intrusion Analysis.
- Extensive knowledge of primary APT groups, modus operandi, and techniques leveraged.
- Ability to convey technical concepts to a diverse audience of varying skillsets.
- Ability to develop and lead hunt engagements, with a focus on attacker methodology rather than IOCs.
- Excellent oral and written communication skills.
- Ability to drive results across multiple teams.
- Extensive understanding of network security concepts and best practices.
- 5+ years relevant work experience.
- Malware analysis / forensics and IR background.
- IDS/IPS detection rule development.
- Background in one or more programming languages (C#, Python, Java, etc.).
- Public speaking
- Two or more of the following certifications: GCTI, GCIH, GCIA, CISSP, Security+, CEH, OSCP.
- Bachelor's degree or equivalent work experience.
Benefits:
- Working with a highly talented team
- Friendly working atmosphere
- Flexible working hours
- Carrier Employee Scholar Program
- The ability to advance within Carrier
- Private medical care
- Pension plan with life insurance
- In house English lessons
- Lunch card
- Multisport card
Carrier is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.