
Cyber Threat Intelligence Analyst
- On-site
- Riyadh, Riyadh Province, Saudi Arabia
- MSS - KSA - Managed Security Services
Job description
Help AG is looking for a Cyber Threat Intelligence Analyst (TIA) who will be part of the Cyber Defense team, responsible for helping to collect, analyze, and disseminate cyber intelligence impacting the company or its customers. The ideal candidate will be a professional with experience in cyber intelligence/cyber risk, delivering equivalent services to organizations, with drive and creativity. This is a fantastic opportunity for a passionate professional who wants to evolve in the Cyber Intelligence world. The position will involve essential duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work.
Job requirements
Responsibilities
Identify, collect, and perform analysis of raw, primary, and secondary data derived from various sources.
Create and update General Intelligence Requirements (GIRs), Priority Intelligence Requirements (PIRs), and Organization Specific Intelligence Requirements (OSIRs) for customers.
Create threat profiles and threat landscapes for companies and/or customers.
Create diamond models around customers and threat adversaries.
Improve the creation and delivery of intelligence information to customers and partners, via different reports and tools, linking the dots and adding value to the service delivered.
Perform investigations on the internet and dark web on different topics, from broad investigations to specific searches.
Identify, assess, and track tactics, techniques, and procedures of cyber threat actors.
Provide threat review and validation to customers on their exposure to cyber security risks, threats, and potential impact.
Provide actionable strategic, technical, and tactical cyber intelligence to the company and its subsidiaries through weekly, monthly, and ad hoc reports, briefings, and presentations.
Conduct Internet searches, in English and Arabic, to profile customers’ online presence and optimize data feeds into back end cyber threat harvesting and analysis solutions.
Apply advanced search techniques (e.g., Boolean terms) in Google/Bing search engines, social sites, domain databases, darknet, etc. to reduce false positives.
Support customers in takedown efforts to remove fraudulent, offensive, and suspicious online content.
Stay up to date on attacker tools/techniques, country and regional cyber threats, and business and political landscapes, and apply that context to detected/created threats to reduce false positives and improve generated reports.
Provide feedback and recommendations to backend Cyber Defense teams such as the MDR Team to enhance detections (e.g., false positives, generic data, fine-tuning, updated info, etc.) and improve portal performance and/or experience.
Understand customer industries to generate Arabic keywords to support searches of online Arabic content.
Identify new information sources (English and Arabic), search keywords (English and Arabic) and best practices to achieve more accurate and customer related threat detection.
When customers request ad-hoc investigations, assist in defining the investigation scope, delivery date and present the findings to the customer (report).
Understand and perform analysis of competing hypotheses (ACH) for use in threat hunting and advisory production.
Manage the life cycle of threat intelligence.
Maintain a high degree of awareness of the current threat landscape.
Assist in providing threat and vulnerability analysis as well as security advisory services.
Participate in knowledge sharing with other Analysts and writing technical articles for Internal Knowledge Bases.
Perform tasks independently with some oversight.
Deliver Cyber Intelligence services.
Research and craft analytic papers and deliver intelligence briefings under short deadlines on various geographical and functional topics.
Use knowledge, creativity, and analytic tradecraft best practices to obtain solutions to complex problems.
Qualifications & Skills:
A Degree in Computer Science, Information Systems, Electronics Engineering, or a closely related degree.
1 - 4 years’ experience as a TIA or related position.
An active, demonstrable interest in cyber threat detection, and cyber threat intelligence.
A thorough understanding of IT systems and network security concepts, network protocols.
Thorough understanding of cyber threats and warfare such as Internet services attacks, User attacks, APTs, malicious mobile apps, online fraud, dark-net, hackers’ tools/techniques, hacktivist, etc.
Knowledge of latest global cyber-attacks, prominent ransomware, APT groups.
Demonstrable knowledge of GIR creation and threat profiling/landscaping.
Demonstrable knowledge of cyber threat intelligence, threat actors, malware, tactics, techniques, and procedures (TTPs), intelligence analysis, use of diamond models and various security methodologies and processes.
Demonstrable knowledge of analysis of competing hypotheses (ACH) for evaluating multiple competing hypotheses for observed data.
Deep knowledge of IT security best practices, common attack types, and detection/prevention methods.
Demonstrable knowledge of cyber operational security, log analysis, netflow analysis, incident response, malware analysis, computer forensics, and/or cybercrime.
Demonstrable knowledge of the deep and dark web.
Good understanding of the cyber kill chain or attack vectors.
Excellent verbal and written communication skills including the ability to clearly articulate technical and strategic level cyber matters to a variety of audiences.
Ability to multitask, prioritize, and manage time effectively.
Strong attention to detail.
Excellent interpersonal skills and professional demeanor.
Excellent customer service skills.
Formal Intelligence Analysis training and certifications such as GCTI, GOSI, C|TIA, Security+, RCIA, CTIP, CPTIA, CRTIA, CTIS-I and/or CTIS-II.
Benefits:
Health insurance with one of the leading global providers for medical insurance.
Career progression and growth through challenging projects and work.
Employee engagement activities throughout the year.
Tailored training & development program.
About Us:
Help AG is the cyber security arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.
Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat group in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.
Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cyber security focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.