AddressEviden, part of the Atos Group, with an annual revenue of circa € 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 53,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.
The Opportunity:
As a Threat Intelligence Analyst in our Cyber Recon & Response Team, you will track and research sophisticated adversaries, applying your technical knowledge of threat actor capabilities, infrastructure, and techniques. You will provide analytical insight, profile actor behavior, produce concrete intelligence and proactively drive threat hunting and detection capabilities.
The candidates must be eligible to obtain a security clearance - SC level.
Location:
Primary office location Birmingham with hybrid/flexible working
Role and responsibilities:
- Perform threat research spanning the global threat landscape to identify threats to both Atos and its customers
- Ability to track and profile APT groups, technically detailing tactics, techniques, and procedures using OSINT and commercial intelligence
- Perform ongoing proactive research to identify, categorize and report on emerging, new and current threats
- Give to the continual improvements and shaping of threat detection coverage
- Analyze malware samples in a sandbox lab environment to understand process execution and identify indicators of compromise (IOC) for SOC tooling integration
- Produce threat hunt hypothesis use cases to allow for focused security content to be generated
- Collaborate with SOC teams to understand attack activity, patterns, and trends with a view to continually improve detection and protection capability
- Share intelligence across internal partners spanning strategic, operational, tactical, and technical
- Support the management and quality tooling to optimize efficiency and value
- Produce Threat Intelligence reports both internally and externally to our customers
- Maintain knowledge and awareness concepts, methodologies, and technology
Required skills and experience:
- 2+ years of experience within a Threat Intelligence role, including detailed understanding of tracking threat actors, campaign activity and attacker techniques
- Experienced in intelligence analysis and reporting using common tools and techniques
- Deep technical ability and collaboration with SOC teams in sharing and explaining Threat Intelligence for wider usage
- Good technical security knowledge of network architecture, IT infrastructure, applications, and systems. Including an understanding of cloud services such as Azure and AWS
- Ability to explain technical content to a non-technical audience
- Good interpersonal and communication skills
- Strong report-writing skills
Desirable skills and experience:
- Knowledge of MITRE ATT&CK and Cyber Kill Chain with an understanding of mapping to threat activity and detection techniques
- Understanding of the Diamond Model in CTI with an ability to identify event relationships and behavior through analytical pivoting
- Knowledge of STIX & TAXII standards embedding Threat Intelligence sharing across Security Operations delivery
- Knowledge of MiSP configuration, management, and systems integration
- Strong knowledge and hands-on experience of cyber security operations, technologies, and delivery
- Certifications are not essential but potentially a plus (GCTI, CPTIA, CRTIA, CTIA, GCIA, OSCP etc.)
Benefits:
- 25 days of Annual leave + an option to purchase more through our Flexible Benefits
- Flex benefits system – exciting opportunity to choose your own benefits
- Retail discounts
- Pension - matching contribution up to 10%
- Private Medical Scheme
- Life Assurance
- Enrolment in our Share scheme - subject to scheme eligibility criteria
- Unlimited opportunities to learn in our Training platforms
As a Disability Confident employer, our aim is to ensure that disabled applicants who meet the minimum criteria for this position will be offered an interview. The data is only used for the purpose of providing additional support at interview. If this is applicable to you, please ensure you answer “Yes” to the question regarding disability included in the application form for our awareness.
If you have any questions, please contact our recruiter Diana Mihaylova | LinkedIn
Let’s grow together.
