SPECIFIC DUTIES AND RESPONSIBILITIES
- Research new tactics, techniques, and procedures (TTPs) used by adversaries using open sources (public information such as GitHub, social media, security vendor reporting, etc.); closed sources (dark web and underground forums); and other proprietary sources using research tools
- Identify whether a TTP instance has already been reported, and create new notes for new or significantly updated TTP instances.
- Create at least 2 TTP Instance notes daily, and 1 malware detection (YARA) monthly. Notes should include minimal grammatical or syntax errors. Plagiarism is not acceptable.
- Identify MITRE ATT&CK techniques, IoCs, associated malware, and associated threat actors
- Adhere to and implement Infinit-O's quality and information security policies and carry out its processes and procedures accordingly.
- Protect client-supplied information and information generated for the client from unauthorized access, disclosure, modification, destruction or interference (see also Table of Offenses).
- Carry out tasks as assigned that are aligned with particular processes or activities related to information security.
- Report any potential or committed non-conformity, observation and/or security event or risk to immediate superior
REQUIRED SKILLS
- Strong written communication in English
- Able to produce written reports on technical subject matter (e.g. malware, vulnerability exploits, offensive security tools) in a clear, concise, and logical format
- Disciplined time management
- Self-starting, self-motivated, and thrive in a collaborative environment
- Ability to receive and apply constructive feedback from peers and leadership
MINIMUM QUALIFICATIONS
- B.S. equivalent in computer science, information systems, or cyber intelligence
- Two (2) years professional experience
- Technical proficiency in Cyber Threat Intelligence and Threat Intelligence Platforms
- Experience working with open source intelligence (OSINT) and/or large data sets
- Familiarity with the MITRE ATT&CK Framework, including the ability to map reported activity to ATT&CK techniques
- Experience working with sandboxes, virtual machines, or other malware analysis tools
- Adeptness in cybersecurity and data protection
PREFERRED QUALIFICATIONS
- Proficiency in scripting language (PHP, C, C#, C++, Python, HTML, Base64, Powershell, CMD)
- Experience creating malware detections (e.g. YARA, Sigma, Snort)
Job Type: Full-time
Application Question(s):
- How many years of experience do you have in the MITRE ATT&CK Framework, including the ability to map reported activity to ATT&CK techniques?
Education:
Experience:
- cybersecurity and data protection: 2 years (Required)
- Cyber Threat Intelligence and Threat Intelligence Platforms: 2 years (Required)
- open source intelligence (OSINT) and/or large data sets: 1 year (Required)
- sandboxes, virtual machines, or other malware analysis tools: 1 year (Required)
- scripting language: 1 year (Preferred)
- malware detections: 1 year (Preferred)