Lead Consultant

Job Title: Threat Intelligence Specialist

Location: Any Birlasoft location

Job Type: Full-Time

Department: Cybersecurity

Shift Timing: Should be flexible as it may vary client to client

About the Role: We are seeking a highly skilled and experienced Threat Intelligence Specialist with extensive knowledge of the Anomali and Recorded Future Tool and its integration, as well as proficiency in implementing Microsoft Security Suites. The ideal candidate will be responsible for enhancing threat intelligence capabilities and ensuring seamless integration across security infrastructure.

Key Responsibilities:

• Responsible for deployment, configuration, and management of the Anomali & Recorded Future Tool to identify, analyze, and respond to threats.
• Lead the integration of Anomali & Recorded Future with other security tools and systems.
• Good to have implementation knowledge of Microsoft security suits like Defender, Azure Sentinel, and other Microsoft security solutions to enhance our cybersecurity posture.
• Perform in-depth analysis of threat intelligence data to detect emerging threats and vulnerabilities.
• Collaborate with the incident response team to investigate and mitigate security incidents based on threat intelligence insights.
• Develop and implement automation scripts to optimize threat intelligence processes and enhance response times.
• Create and maintain comprehensive documentation and reports on threat intelligence activities, findings, and recommendations.
• Work closely with cross-functional teams, including IT, security operations, and compliance, to ensure a cohesive and effective security strategy.
• 5+ years of professional experience in roles in cyber intelligence, cyber and fraud investigations, or casework in other related disciplines.
• Familiarity with collaborating with senior leadership on developing out strategy and building upon team goals.
• Knowledge and experience with analytic tradecraft, the intelligence cycle, open-source intelligence-gathering techniques, and strong intelligence writing skills, techniques, and methodologies
• Experience conducting investigations and tracking campaigns on threat groups operating on criminal and clearnet sources, focusing on topics such as leaked databases and credentials, ransomware, DDoS operations, criminal marketplaces, and other current and emerging threats.
• Knowledge and understanding of malicious tools and software used for cybercriminal activity and the ability to track and trace threat groups using a wide range of telemetry.
• Knowledge of fraud, and current cyber-enabled crime TTPs.
• Knowledge and understanding of most computer operating systems, networking concepts, and security fundamentals.
• Understanding of blockchain and cryptocurrency technologies, including trades, transfers, tracking, maintenance, documentation, and preservation.
• Ability to work well as part of a team working towards a unified goal.
• Strong time management skills that align with prioritizing day-to-day expectations with proactive research.

Qualifications:

• Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Experience: Proven experience in threat intelligence, with a strong focus on the Anomali Tool and its integration, as well as proficiency in implementing Microsoft Security Suites.
• Technical Skills:
  • Proficiency in Anomali, Recorded Future Tools configuration and management.
  • Extensive experience with Microsoft Security Suites, including Microsoft Defender, Azure Sentinel, and other related tools.
  • Strong knowledge of threat intelligence frameworks and methodologies.
  • Experience with scripting languages (e.g., Python, PowerShell) for automation.
• Soft Skills: Excellent analytical, problem-solving, and communication skills. Ability to work both independently and collaboratively in a fast-paced environment.

Preferred Qualifications:

• Certifications in cybersecurity or related fields (e.g., CISSP, CISM, CEH).
• Experience with other threat intelligence platforms and tools.
• Knowledge of cloud security best practices and DevOps methodologies.

• Knowledge of Hacktivist trends and activities.
• Familiarity with malware analysis, campaign infrastructure, and interpreting larger datasets.