When serious threats are identified, analyst must work closely with other areas of the security team to identify appropriate solutions.
b. Required Skills
i. 3+ years of experience as a Cyber Threat Intelligence analyst, conducting all-source intelligence with a focus on cyber threat analysis or a combination of intelligence and research with threat detection or incident response work
ii. Experience in and understand Cyber Threat Modelling (e.g., STRIDE) to identify potential threats.
iii. Experience in intelligence frameworks and collaboration platforms (MITRE ATT&CK, CAPEC, MISP, etc.)
iv. Expertise in honeypots/honeynets, canaries, and other active deception tools to identify network attacks.
v. Ability to take initiative and prioritize tasks
vi. Intimate knowledge about information security threat intelligence and thrive on the details of threat analysis.
vii. Ability to quickly and effectively digest disparate data sources to determine security implications and risk levels
viii. General log analysis (cloud services like AWS/Azure/GCP, DNS, email, DHCP, VPN, Firewalls etc.) experience using SIEM or other Security data lake platforms
ix. Excellent Interpersonal, organizational, writing, communications, and briefing skills
x. Experience in Threat Validation
xi. Experience working in an Incident Response team.
xii. Working level knowledge of the following: Python, C, C++, Assembly language (ASM) is an added advantage.
This role is responsible for researching and analyzing current and emerging threats and vulnerabilities that have the potential to cause harm or malicious actions against the AMD environment. Our ideal candidate is highly experienced in the cyber threat field, believes in a business risk balanced approach and excels in a highly matrixed, people-focused environment.
c. Roles and Responsibilities:
i. Actively monitor, consume, research, and evaluate all-source cyber threat intelligence to maintain a broad understanding and knowledge of the evolving threat landscape and adversarial tactics, techniques, and procedures (TTPs)
ii. Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management, and to stakeholders for purposes of situational awareness and making threat intelligence actionable.
iii. Evaluate, analyze, and derive actionable threat intelligence from a variety of open-source, commercial, and private sources to deliver quality deliverables to both technical and executive audiences.
iv. Assess, curate, and manage multiple threat intelligence feeds to enable the correlation of security events.
v. Effectively perform all phases of the intelligence cycle (collection, analysis, production, and dissemination)
vi. Collaborate with SOC to build novel detections, establish repeatable processes, and drive automation for containment and remediation activities
vii. Provide Tactical and operational intelligence support for performing Threat Sweeps.
viii. Perform proactive all-source research to identify and characterize new threats to the stakeholders and draft related threat intelligence products, where appropriate.
ix. Conduct trending and correlation of various cyber intelligence sources for the purposes of indicator collection, shifts in TTPs, attribution and establishing countermeasures to increase cyber resiliency and proactive threat mitigation
x. Develop compelling intelligence briefings, reports, and short position papers, with a focus on relevant, actionable intelligence
xi. Integrate and apply CTI reporting and knowledge of adversary activity, relative to technology, into cybersecurity operations systems and processes
xii. Creation of detailed process documentation
xiii. Provide curated cyber intel to support the development of use cases mapped to common frameworks (e.g., MITRE ATT&CK) for detecting new/evolving threats
xiv. Maintain memberships and establish intelligence-sharing relationships with appropriate sources within the intelligence community
xv. Research sets of standardized queries related to cyber threats for specific industry verticals (Semiconductors etc..) on a regular basis (daily, weekly, monthly, quarterly)
xvi. Develop and manage the Threat Intelligence lifecycle including planning details around use cases , data sets required , feedback around triaged alerts

If you encounter any suspicious mail, advertisements, or persons who offer jobs at Wipro, please email us at helpdesk.recruitment@wipro.com. Do not email your resume to this ID as it is not monitored for resumes and career applications.

Any complaints or concerns regarding unethical/unfair hiring practices should be directed to our Ombuds Group at ombuds.person@wipro.com.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, caste, creed, religion, gender, marital status, age, ethnic and national origin, gender identity, gender expression, sexual orientation, political orientation, disability status, protected veteran status, or any other characteristic protected by law.

Wipro is committed to creating an accessible, supportive, and inclusive workplace. Reasonable accommodation will be provided to all applicants including persons with disabilities, throughout the recruitment and selection process. Accommodations must be communicated in advance of the application, where possible, and will be reviewed on an individual basis. Wipro provides equal opportunities to all and values diversity.