REQ-10009758
The Cyber Threat Intelligence Researcher will be an integral part of the Threat Intelligence Team and the Novartis Cyber Center, providing leadership with advanced analysis of cyber threats to the company, together with practical measures and controls to protect against them.
The Cyber Threat Intelligence Researcher will use a variety of tools and resources to proactively collect and analyze threat intelligence, conduct in-depth research on threats to the organization and the industry, and work with multiple teams to alert on threats to the organization and to develop and deploy security controls that address them.
Key Responsibilities:
Analyze log data from different security controls to identify cyber threats and patterns, and produce relevant intelligence and recommendations for the operations teams
Effectively monitor, collect and report intelligence relevant to the company and the industry
Accurately analyze the impact or potential impact of an incident or vulnerability
Conduct in-depth research on threat actors, TTPs and vulnerabilities, and produce reports and white papers for relevant stakeholders
Support and enrich internal security incident investigations with relevant threat intelligence
Define use cases that connect threat intelligence indicators to the organization's security controls
Work with the Cyber and Threat Hunting teams to create monitoring tools for highly sophisticated hacking techniques
Requirements:
3+ years of experience in Threat Intelligence, technical intelligence analysis, Threat Hunting, SOC or related fields
University-level working and thinking ability. Degree in a technical, scientific or business area, or comparable education/experience
Experience in reporting to and communicating with senior level management
Experience in reviewing log data from security controls
Knowledge of APT campaigns and attack Tactics, Techniques and Procedures (TTPs), and a clear understanding of and hands-on experience applying the MITRE ATT&CK framework
Experience with threat feed research: collecting, prioritizing, organizing and researching feeds
Hands-on experience with a SIEM (such as Splunk)
Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information-risk and incident-response concepts to technical as well as non-technical audiences in English
Experience in leading projects end-to-end
Strong collaboration and team-work skills, and ability to work independently
Creative and proactive approach
High technical aptitude; quickly learns new skills
Scripting experience with Python or PowerShell is a big advantage
This position is open to all candidates.