Senior Cyber Threat Intel Analyst
US-Texas
Capgemini
A global leader in consulting, technology services and digital transformation, we offer an array of integrated services combining technology with deep sector expertise.
Description
*** MUST BE A US CITIZEN ***
About the Role You Are Considering:
The Managed Detection and Response (MDR) program at Capgemini is expanding our DECODE team with the addition of an experienced and motivated Senior Cyber Threat Intelligence Analyst. The DECODE team stands at the forefront of defending client cyber operations, combining the expertise of CTI Analysts and Detection Engineers under one team. This integrated approach ensures rapid operationalization of threat intelligence into actionable detections, forming the backbone of our MDR service. Our frontline SOC Analysts are thus equipped with timely alerts and vital intelligence for swift incident response and threat hunting.
Your Responsibilities:
- Research and analyze emerging threats, following the CTI lifecycle for daily collection.
- Curate and communicate intelligence on the cyber threat landscape, including cyber threat actors, malware, vulnerabilities, and adversarial TTPs.
- Develop and disseminate intelligence products to stakeholders, facilitating robust defensive countermeasures.
- Conduct regular briefings to convey cyber threat intelligence to both technical and non-technical audiences, supporting Computer Network Defense (CND).
- Collaborate with Detection Engineering for rapid development of SIEM and EDR detections based on your research and analysis of emerging threats and adversarial TTPs.
- Develop, tune, and maintain detections using file-scanning and network signatures (YARA and Suricata rules).
- Curate IOCs and manage indicators in a Threat Intelligence Platform (TIP) such as MISP.
- Collaborate with other MDR teams for incident analysis and IR activities as needed.
- Engage with internal teams to continually enhance the CTI lifecycle through innovation, automation, and best practices.
Your Experience
- Bachelor's degree in Computer Science or 5+ years of equivalent experience in Cyber Threat Intelligence.
- 5+ years of experience applying analytical frameworks like Lockheed Martin Cyber Kill Chain, Diamond Model of Intrusion Analysis, and MITRE ATT&CK Framework.
- 5+ years of technical security experience implementing information security best practices.
- 3+ years of experience in tracking, profiling, and prioritizing activities of broad-based and APT groups.
- 3+ years of experience demonstrating a deep understanding of advanced adversarial tactics, techniques, and procedures, and developing relevant detection and defensive countermeasures.
- Capability in producing threat report products (Strategic, Operational/Technical, Tactical).
- Ability to communicate complex technical information effectively to both technical and non-technical stakeholders.
- Proficient in problem-solving and critical thinking to evaluate threats and recommend defensive strategies.
- Proficiency in translating threat intelligence from OSINT, public/private reports, and dark/deep web analysis into custom detections and mitigations across various security technologies.
- Deep understanding of network protocols, Linux/Windows/macOS internals, and cybersecurity tools and technologies such as SIEM and EDR systems, intrusion detection/prevention systems, firewalls, and proxies.
- Familiarity with integrating open-source tools into the CTI lifecycle.
- Ability to work comfortably from the Linux command line.
- Proficiency in scripting languages like Python and Bash for automation and data analysis.
- Experience in Version Control (VC) systems, such as GitLab/GitHub.
- Extensive knowledge of incident response processes and incident management lifecycle.
- Strong analytical capabilities to interpret complex data and draw meaningful strategic insights.
- Ability to work collaboratively with other cybersecurity professionals.
Added Bonus:
- Skills in conducting malware analysis/reverse engineering.
- Experience with two or more leading SIEM and EDR platforms.
- Experience in cyber threat hunting (retroactive hunt, live hunt, etc.).
- Previous experience working at an MSSP/MDR provider in any of the following roles: SOC Analyst, Detection Engineer, CTI Analyst, CIRT.
Life at Capgemini:
Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:
- Flexible work
- Healthcare including dental, vision, mental health, and well-being programs
- Financial well-being programs such as 401(k) and Employee Share Ownership Plan
- Paid time off and paid holidays
- Paid parental leave
- Family building benefits like adoption assistance, surrogacy, and cryopreservation
- Social well-being benefits like subsidized back-up child/elder care and tutoring
- Mentoring, coaching and learning programs
- Employee Resource Groups
- Disaster Relief
About Capgemini:
Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong heritage of over 55 years, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market-leading capabilities in AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2023 global revenues of €22.5 billion.
Get the future you want | www.capgemini.com
Disclaimer:
Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.
Capgemini is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.
Click the following link for more information on your rights as an Applicant http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law
Job: Technology Strategy
Schedule: Full-time
Primary Location: US-Texas
Organization: CIS US MS