Cyber Threat Intelligence (CTI) Specialist

We exist to wow our customers. We know we’re doing the right thing when we hear our customers say, “How did we ever live without Coupang?” Born out of an obsession to make shopping, eating, and living easier than ever, we’re collectively disrupting the multi-billion-dollar e-commerce industry from the ground up. We are one of the fastest-growing e-commerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce.

We are proud to have the best of both worlds — a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been at since our inception. We are all entrepreneurial surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day.

Our mission to build the future of commerce is real. We push the boundaries of what’s possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world.

Role Overview

We are seeking a skilled Cyber Threat Intelligence (CTI) Analyst to join Coupang’s GHOST team within the Proactive Security organization. In this role, you will help bolster our cyber defense by monitoring, analyzing, and responding to evolving cyber threats. You will work closely with the CTI and security teams to provide timely, actionable threat intelligence and ensure proactive threat detection and response.

Key Responsibilities

• Threat Monitoring and Analysis: Continuously monitor open and closed-source intelligence platforms to identify, analyze, and mitigate cyber threats relevant to Coupang.
• Malware Analysis: Perform in-depth malware analysis, both static and dynamic, on files, URLs, and executable programs to determine threat levels and potential impacts.
• Security Incident Response: Collaborate with the incident response team to provide context and actionable intelligence during security events and incidents.
• Threat Hunting: Lead and support threat-hunting activities by proactively identifying and investigating potential threats in Coupang's environment before they impact the business.
• Threat Actor Profiling: Track and analyze threat actor groups and their techniques, tactics, and procedures (TTPs), and apply this knowledge to improve Coupang's threat detection and response capabilities.
• CTI Reports: Prepare and deliver detailed technical and executive-level reports on threat intelligence and response activities.
• Vulnerability Management: Identify and respond to vulnerabilities within Coupang’s systems, requiring a deep understanding of vulnerability management.
• Dark Web and Phishing Monitoring: Must have a deep understanding of dark web and phishing threats and perform ongoing monitoring of these areas.
• Automation and Tooling: Develop Python scripts to automate threat detection and intelligence gathering. Assist in building and enhancing automated threat intelligence platforms.
• Collaboration: Work closely with internal teams and third-party threat intelligence providers to share threat data and improve the organization’s overall threat landscape visibility.

Qualifications

• Experience:
  • At least 10 years of experience in Cyber Threat Intelligence, malware analysis, or related fields.
  • Experience with security incident response and handling advanced persistent threats (APT).
• Technical Skills:
  • Proficiency in Python for automation, scripting, and malware analysis.
  • Hands-on experience with malware analysis tools (e.g., IDA Pro, Ghidra) and sandbox environments.
  • Experience with both SIEM and EDR tools.
  • Understanding and experience in cloud environments (AWS, GCP, Azure).
• Security Knowledge:
  • In-depth understanding of threat intelligence frameworks such as MITRE ATT&CK and Cyber Kill Chain.
  • Familiarity with threat intelligence feeds, IoCs (Indicators of Compromise), IOAs (Indicators of Attack), and TTP analysis.
  • Strong understanding of vulnerabilities and experience in vulnerability management.
  • Knowledge and experience with dark web and phishing threat monitoring.
• Language Skills: Intermediate to advanced English skills (written and verbal) are required to communicate technical information clearly to global teams and management.