Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 10 years of experience in an operational and problem-solving role in cyber security (e.g. Network Forensics Analyst, Threat Intelligence Analyst.).
- Experience engaging with, and presenting to, technical stakeholders and executive leaders.
- Experience with CTI methodologies and application within cyber security organizations.
- Successful candidates will be required to have a UK DV Security Clearance.
- Experience in SOC operations, threat hunting, detection engineering, and SOC workflow optimization.
- Experience with network monitoring, EDR solutions, Security information and event management (SIEM) and Security Orchestration, Automation and Response (SOAR) integration, and managing a Threat Intelligence Platform.
- Experience in incident response and investigations within enterprise environments.
- Experience using CTI to support analysis of networks, hosts, and logs for threat detection and response, ideally within a government or military environment.
- Understanding of cybersecurity fundamentals, including enterprise IT infrastructure, operating systems, and networking.
- Ability to leverage CTI in identifying, tracking, and developing intelligence on Advanced Persistent Threats (APTs).
Want more jobs like this?
Get jobs in Larkhall, United Kingdom delivered to your inbox every week.
About the job
In this role, you will be supported and enabled by a network of colleagues and specialists right across Mandiant Intelligence and will contribute to Mandiant's wealth of technical skills and knowledge. Being onsite and embedded with a UK customer three days per week, you will leverage Mandiant's cyber threat intelligence to enable and equip network defenders and customer Cyber Threat Intelligence (CTI) teams.
Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Responsibilities
- Embed within a UK government or defense client's team to understand their (CTI) needs and identify opportunities to maximize the impact of this service on their security operations.
- Support the integration of CTI into the client's security processes and technologies, including Security information and event management (SIEM) and Threat Intelligence Platform (TIP) systems, and enable their SOC analysts to effectively leverage Mandiant's intelligence.
- Generate CTI and analyze client data, including bespoke sources, to identify threat activity, build analytical workflows, and automate detection processes.
- Produce quality intelligence reports tailored to the client's needs, ensuring they are accessible and actionable for both analysts and decision-makers.
- Foster relationships within the client organization and their third-party partners, ensuring effective communication and collaboration.