The Job
Your team:
Our technical threat intelligence team tracks attackers and their activities to provide our clients with up-to-date information on malicious activity – both as technical indicators and signatures and as technical reports. To achieve this, we work with our Incident Response team, our SOC, and external research teams. Our information is used daily by our stakeholders to protect their critical infrastructures and our European values. Within the team, we value the right balance between continuously producing technical content, responding to ad-hoc requests, and conducting long-term research projects.
Your Job:
- You collect and analyze technical information from public and commercial sources, as well as from our own telemetry, to create technical threat intelligence and to identify and understand the attack patterns, tactics/techniques, and campaigns of cyber actors.
- You translate the insights you gather about attackers, their malware, malicious infrastructure, and TTPs for our clients, helping them understand how to effectively protect themselves. You are responsible for independently creating indicators, signatures, and, if necessary, technical reports.
- You correlate information from various data sources and develop your own tools (preferably in a scripting language like Python) and methods for analyzing large datasets or unknown data.
- You communicate clearly and effectively with our clients about current threats and recommended protective measures.
- You work closely with other teams and external partners to share knowledge and gain new insights.
- With your experience, you help shape the direction in which the team’s capabilities and our threat intelligence services evolve.