Analyst - Cyber Threat Intelligence

Transguard Group was established in 2001 and has diversified significantly, we lead in the fields of Cash Services, Security Services, Manpower Services, Facilities Management & Aviation. Transguard Group is the UAE’s most trusted business support and outsourcing provider and has a large, dynamic and culturally diverse workforce with 50,000 employees!  We are currently recruiting for a Analyst - Cyber Threat Intelligence for our client to be based out of their office in Dubai.

Job Purpose -

The Analyst - Cyber Threat Intelligence will support the Airports's Digital Defence Center (DDC) in researching and reporting on emerging threats against Airport and to strategically shape and guide the approach the taken to protect its people and assets. The analyst will be responsible for responding and analyzing major cyber security incidents, conducting forensic investigations across a complex multi-cloud environment, supporting threat hunting cycles, and purple team engagements.

Job Accountabilities-

Threat Hunting

• Conducts hunt missions on Business Environment (on-prem, cloud) with the use of Digital Forensics tools & techniques and Custom tools and scripts

Offensive Assessments

• Conducts offensive on Business Environment (on-prem, cloud) using security including tools such as Metasploit, exploit development, Open Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks

Breach Analysis

• Analyzes attacker techniques at all stages of a breach with the capability of mapping to ATT&CK framework

Forensics

• Performs incident response and forensics of active breaches

Reporting

• Reports measurable improvement of overall security posture

Bachelor’s Degree - Specialization:

• The job holder will be educated to bachelor’s degree level in computer science / engineer (or business).

Core Activities Experience:

• Around 3+ years of experience in a technical role with Digital Forensics and Incident Response background in the areas of Security Operations, Threat Hunting , Threat Intelligence, Cyber Incident Response, Penetration Testing and Red Teaming.

Industry Experience:

• Cybersecurity, SOC Operations, cross industry experience

Professional/Regulatory/Certification Requirements:

• Expertise on in using Threat Intelligence Platforms (Recorded Future, Flashpoint, Blueliv, Anomali, ThreatIQ etc.)
• Holding any of the following certifications (or working toward / or similar) would be preferred:
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Examiner (GFCE)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Continuous Monitoring (GMON)
• GIAC Defending Advanced Threats (GDAT)
• GIAC Certified Detection Analyst (GCDA)
• CREST Certified Threat Intelligence Analyst
• CREST Certified Intrusion Analyst
• Offensive Security Certified Professional (OSCP)

Skills, Tools, and Systems Experience:

• Experience using Cyber Kill Chain
• Expertise on in using Threat Intelligence Platforms (Recorded Future, Flashpoint, Blueliv, Anomali, ThreatIQ etc.)
• Demonstrable experience in the use of Digital Forensics tools, techniques and concepts including creating and using Custom tools and scripts
• Demonstrable experience of analyzing and interpreting system, security, and application logs
• Experience with offensive security including tools such as Metasploit, exploit development, Open Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks
• Advanced knowledge of operating system internals and security mechanisms.
• Experience analyzing attacker techniques at all stages of a breach.
• Experience in forensics, threat intelligence, incident response
• Skilled working with extremely large data sets, using tools and scripting languages such as: SQL/KQL, Python, Splunk, etc.
• Working knowledge of EDR solutions