Threat Intelligence Analyst
DeNexus is the leading provider of cyber risk modeling for industrial enterprises.
Our mission is to build the global standard for quantifying industrial cyber risk. Our flagship platform, DeRISK, is the world's first self-adaptive software platform that uses evidence-based data to predict where and how breaches are likely to occur in unique customer contexts, translating that information into at-risk dollars. Fortune 500 companies, from power generation to manufacturing and other critical infrastructure, rely on DeNexus to understand their bespoke cybersecurity economics and optimize their risk-reducing ROI.
Duties and responsibilities
- Analytical and technological skills to extract intelligence (information) from available data, and the ability to find the necessary information and work out how to extract it.
- Investigate, analyze and prepare analytical data and deliver intelligence value over different time horizons (short, medium and long term) in an automated way on various topics related to our field: functional, geographical, sectoral, etc.
- Automatically extract information from intelligence data about the different actors, their objectives and how they affect our clients.
- Identify, evaluate and track TTPs (tactics, techniques, and procedures) of different types of threat actors.
- Evaluate initial access vectors (IAV) and the potential propagation of malware through the network at its different stages (MITRE).
- Evaluate the different network topologies / architectures against cybersecurity parameters (proper network segmentation, use of the industrial DMZ, concept of "zones and conduits", etc.) and classify them accordingly.
- Review and selection of data to extract from security products (IDS, IPS, firewalls, SIEM, EDR, etc.) for risk assessment.
- Automate the verification of security controls.
- Search for incident data sources.
- Support for the modeling team.
- Support to the sales / after-sales team.
- Adjust frameworks to risks.
- Relationship with external companies.
- Relationship with universities.
- Minimum of 5 years of practical work experience, with at least one year working in threat intelligence.
- Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific / technical field.
- Cybersecurity training (degree, master's, certification, etc.).
- Experience with the MITRE ATT&CK framework and other threat intelligence standards such as STIX or TAXII.
- Comprehensive and practical knowledge of research and collection skills, as well as analytical methods.
- Ability to seek alternative solutions to non-obvious problems.
- Ability to integrate into other work teams and present results in different ways.
- Ability to correctly balance cyber risk and product advancement.
- Fluent in both written and spoken English to work in an international environment.
DeNexus highly values...
- Experience working in, or related to, Operational Technology (OT), Industrial Control Systems (ICS) and/or IoT industries.
- Understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, NIST CSF, CIS, etc.).
- Skill in handling cybersecurity big data.
- Experience working in, or related to, risk management platforms.
- Practical attitude and ability to push solutions through to completion.
- Growth mindset oriented to learn and advance the team.
- People used to working in agile teams.
- Based in Spain (remote position).