Cybersecurity Threat Intelligence Analyst
Wellington, Wellington, New Zealand
Datacom
We work across Australia and New Zealand to make a difference in people’s lives by turning the imaginable into reality.
Our Why
Datacom works with organisations and communities across Australia and New Zealand to make a difference in people’s lives and help organisations use the power of tech to innovate and grow.
Why join us here at Datacom?
Datacom is one of Australia and New Zealand’s largest suppliers of Information Technology professional services. We have managed to maintain a dynamic, agile, small business feel that is often diluted in larger organisations of our size. It's our people that give Datacom its unique culture and energy that you can feel from the moment you meet with us.
We care about our people and provide a range of perks such as social events, chill-out spaces, remote working, flexi-hours and professional development courses to name a few. You’ll have the opportunity to learn, develop your career, connect and bring your true self to work. You will be recognised and valued for your contributions and be able to do your work in a collegial, flat-structured environment.
We operate at the forefront of technology to help Australia and New Zealand’s largest enterprise organisations explore possibilities and solve their greatest challenges, so you will never run out of interesting new challenges and opportunities.
We want Datacom to be an inclusive and welcoming workplace for everyone and take pride in the steps we have taken and continue to take to make our environment fun and friendly, and our people feel supported.
Role Overview
The Threat Intelligence Analyst will play a crucial role in identifying, analysing, and reporting emerging cyber threats, helping protect our customers from potential attacks. This position is ideal for detail-oriented individuals with a strong passion for cybersecurity and a desire to further develop their skills in threat intelligence, security analysis, and incident response. As a Threat Intelligence Analyst, you will monitor threat landscapes, conduct in-depth research, and provide actionable insights to enhance our security posture.
Role Responsibilities
The Threat Intelligence Analyst is responsible for (but not limited to):
- Threat Monitoring: Continuously monitor cybersecurity threat feeds, forums, and open-source intelligence (OSINT) to identify potential security risks and vulnerabilities.
- Data Analysis: Analyse threat data to identify patterns, trends, and anomalies that could pose a risk to an organization’s security infrastructure.
- Report Generation: Prepare and present detailed reports on emerging threats, attack vectors, and vulnerabilities to the team, providing recommendations on mitigation strategies.
- Incident Response Support: Collaborate with the Incident Response team to investigate potential incidents, including gathering relevant intelligence on attackers and their techniques.
- Research: Conduct thorough research on new and existing threats, threat actors, malware, and security vulnerabilities to enhance our defensive capabilities.
- Collaboration: Work closely with CDOC analysts and the CSIRT team to ensure timely dissemination of gathered threat intelligence.
- Documentation: Maintain and update internal documentation related to threat intelligence processes, tools, and findings.
- Tool Utilization: Utilize various cybersecurity tools (e.g., SIEM, EDR, OSINT platforms) to gather and analyse threat intelligence data.
- Continuous Learning: Stay up to date with the latest developments in the cybersecurity space, including new tools, techniques, and regulations affecting our customers.
Requirements
Knowledge
- Solid understanding of cyber threats, vulnerabilities, and attack vectors (e.g., phishing, ransomware, APTs).
- Familiarity with common cybersecurity frameworks and standards (e.g., NIST, NZISM, ISO 27001).
- Knowledge of cyber-attack methodologies and techniques such as MITRE ATT&CK, the Diamond Model and the Lockheed Martin Cyber Kill Chain, and of other common cybersecurity threats.
- Knowledge of security tools and technologies such as firewalls, EDR, SIEMs, and threat intelligence platforms.
- Proficiency with OSINT techniques and threat intelligence platforms.
- Experience in threat modelling and threat profiling
- Structured Analytic Techniques
- Knowledge of forensic techniques
Experience
- Over 3 years of experience as a Security Operations Centre (SOC) Analyst, including involvement in Major Incident Response. Experience in working with security tools such as: SIEM, EDR, XDR, NBAD, DRP
- Over 1 year of specialized experience in a dedicated Threat Intelligence role
- Experience with security automation technologies
Skills
- Analytical Skills: Ability to analyse large datasets, detect patterns, and draw meaningful conclusions related to cybersecurity threats.
- Programming (Preferred): Proficiency with scripting or programming languages, especially Python, to help maintain and develop platform connectors for threat intelligence ingestion.
- Communication: Strong written and verbal communication skills, with the ability to create clear, concise threat reports for both technical and non-technical audiences.
- Attention to Detail: Ability to identify small details in large volumes of data, ensuring accurate threat assessments.
- Adaptability: Ability to work in a fast-paced, dynamic environment and manage multiple priorities effectively.
Qualifications and Certifications
- Qualification in Computer Science, Cybersecurity, Information Technology, or a related field.
- Equivalent professional experience may be considered.
- Vendor neutral certifications (such as CompTIA Security+, CompTIA Analyst+ etc.)
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- EC-Council Certified Threat Intelligence Analyst (CTIA)
- GIAC Cyber Threat Intelligence (GCTI)
- MAD20 ATT&CK® Cyber Threat Intelligence