Senior Cyber Threat Intelligence Analyst - USA
Group-IB · United States · 2 wk ago
RemoteRemoteInformation TechnologyFull-time
About the role
Group-IB Threat Intelligence seeks a Cyber Intelligence Analyst to join the Cybercrime Research team. This position focuses on combating cybercriminals in the Dark web and open sources, specifically targeting North America.
Responsibilities
- Analyze IOCs and TTPs of the Threat Actors from the Latin America Threat Landscape
- Craft, maintain, and document detection opportunities within the Threat Intelligence platform
- Manage information and details related to threat actors TTPs and OpSec
- Perform necessary correlation and research to create useful, compelling, and context-rich alerts for customers
- Pursue research into current threats and industry trends to stay updated on the most up-to-date threats in the North America Threat Landscape
- Drive initiatives to create detection content based on findings from threat hunts and ad hoc detection opportunities
- Develop mitigation and countermeasure strategies from collected threat intelligence
- Leveraging MITRE ATT&CK categorization to align observed threat actor activity to Tactics, Techniques, and Procedures (TTPs)
Qualifications
- A genuine passion for investigating cybercrime, not just producing reports, but actively mitigating its impact
- Understanding and interest in the threat landscape in the North America region
- Knowledge of global and local cyber threats, including ransomware, initial access brokers, banking trojans, remote access trojans, and fraudsters
- Experience in analyzing the cybercrime community and profiling threat actors
- Deep understanding of the dark web ecosystem, including knowledge of major platforms, types of goods and services traded, market dynamics, and communication methods used within underground communities
- Basic knowledge of scripting languages (Python, Bash)
- Knowledge of network technologies and principles of functioning of data networks, understanding of the features of the common data transfer protocols
- Knowledge of OS architecture and operating principles
- Good interpersonal skills, as well as the ability to communicate effectively orally and in writing
- Experience in working with the following sources: Virustotal, Urlscan, Shodan, RiskIQ, Public sandboxes
- Optionally: Group-IB or other Threat Intelligence platforms
- Authorisation to work in the US (the role is based in the US)