Threat Intelligence Analyst Permanent

Job Title: Threat Intelligence Analyst

Job Purpose

The primary function of this role is to monitor the ENOC environment on 24*7 basis and conduct intelligence
gathering to identify, monitor, assess, and counter the threat posed by cyber threat actors against ENOC IT/OT
assets. In addition to preforming advance threat modelling of the cyber security incident and escalate to Cyber
Intelligence Center Manager as per approved policies, processes and  procedures.
 

Principal Accountabilities

Operational 
•Follow response procedures and other CIC related SOPs based on the incident impact analysis &
predetermined response actions procedures Manage the communication of policies & guidelines and monitor
the compliance CIC operations to the cyber-security policies & guidelines.
•Identify cyber threats, trends, and new developments on various cyber security topics by analysing raw
intelligence and data.
•Track developments and changes in the technology field and cyber threat environments to ensure that they're
adequately addressed in cyber security strategy plans and architecture artefacts
•Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the
appropriate courses of action
•Monitor security vulnerability information from vendors and third parties
•Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security unites,
including the security operations center (CIC)
•Perform analysis of data and information pertaining to ENOC line of business as well as critical infrastructure
current cybersecurity posture, specifically as it pertains to indicators of compromise (e.g., implants, backdoors,
and other malware which indicate the presence of a persistent adversary).
•produce quality intelligence reports for management and other teams.
•Apply understood analytic tradecraft to gathered intelligence in a consistent manner Investigate, document,
and report on information cybersecurity issues and emerging trends
•Identify and monitor the Tactics, Techniques, and Procedures (TTPs) used by cyber threat actors by analysing
raw intelligence and data.
•Identify intelligence gaps and submit requests for information to fill gaps.
•Provide actionable strategic, technical, and tactical cyber information and intelligence through reports,
briefings, and presentations
•Make analytical predictions about cyber threat actors and their future activities based on what is already
known about them
•Effectively recognize threats by performing relevant research and data analysis using both internal and
external tools and resources.
•Work closely with security analysts and senior analysist to get direct feedback about new, unknown suspicious
behaviour 
•Provide functional support and content development and improvements for the SIEM and other security
technologies used by CIC.
•Participate in Development and implementation of new correlation rules and use-cases in SIEM and enhance
the monitoring and detection capabilities of the CIC to integrate SIEM with other monitoring tools with
appropriate scripting knowledge skills
•Should be on-call 24 hours per day to respond to cyber security emergences 
 

Additional Principal Accountabilities

Experience

Education
•Degree: Bachelor’s degree in Computer Science, Engineering or Business field or equivalent, Diploma with
additional relevant experience.
•Required professional certifications: Professional certificate such as CISSP, GCTI , GCFA, GNFA Experience 
•7+ years of Information security or technology experience.
•4+ years in relevant experience.
•Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government…) is preferable.
•Working experience in cyber security threats monitoring and handling
•Exposer to OT security operation center experience will be a pulse.