Job Summary:

• Design, measure, and improve insider threat detection rules/ scenarios and ensure its consistency/ efficiency. 
• Conduct investigations of suspicious activities detected by insider Protection Product and evaluate its pertinence.
• Collaborate with Airbus cybersecurity teams (SOC, Cert, red team, DLP, etc) to design together a strategy/solutions for detecting, investigating and mitigating cyberthreats.
• Collaborate with Airbus cybersecurity data owners for examining the quality and the integrity of the collected data.
• Measure risk reduction and quality of service that will be provided by Insider protection product. 
• Contribute to the evolution and improvement of the Insider Protection product framework in particular in terms of threat detection/ monitoring quality, and working processes.
• Keep up to date with threats, anticipate needs and further evolutions.
• Analytics of geographically relevant “hits” on blocklists.
• Collect criteria for reproducible reports for CERTS, Swiss policy/regulators, SWITCH-CERT, or other Quad9 requested reporting.
• Create of template-style reports to summarize data by region, type, etc. for both public and internal reporting.

Skills on Resume:

• Threat Rule Designer (Hard Skills)
• Activity Investigator (Hard Skills)
• Cybersecurity Collaborator (Soft Skills)
• Data Integrity Analyst (Hard Skills)
• Risk Reduction Assessor (Hard Skills)
• Product Improvement Contributor (Soft Skills)
• Threat Anticipation Specialist (Soft Skills)
• Reporting Analyst (Hard Skills)

Job Summary:

• Analysing priority cyber threat activity to understand the techniques being used, and how they can be detected through security stack and log sources
• Writing detection logic for identified attacker techniques or providing recommendations for detection to relevant teams.
• Conducting in-depth research into cyber threat actors of particular interest to Paysafe, to understand their techniques and what need to do as an organization to counter them.
• Working closely with the Security Operations Center to ensure that appropriate responses are being taken to identified cyber threat activity, including assisting with the development of alerts and with incident response activities
• Responding to requests for information from numerous parts of the business, including Information Security, Fraud and Financial Crime.
• Responding to inbound alerts from threat intelligence providers, industry intelligence sharing groups and other external sources.
• Producing written reports on cyber threats, translating highly technical subjects to non-technical audiences, and presenting research and findings to the wider group.
• Conducting open-source investigations to gather additional context around cyber threat activity impacting Paysafe or industry peers.

Skills on Resume:

• Threat Analyst (Hard Skills)
• Logic Developer (Hard Skills)
• Threat Researcher (Hard Skills)
• SOC Expert (Soft Skills)
• Response Coordinator (Soft Skills)
• Alert Analyst (Hard Skills)
• Threat Reporter (Hard Skills)
• OSINT Investigator (Hard Skills)

Job Summary:

• Performing incident response with internal and external parties
• Identifying lessons learned and making recommendations to improve security controls in order to mitigate the risk of re-occurrence
• Drafting incident reports tailored for management and technical peers
• Maintaining and continuously improving the standard incident response toolkit
• Monitor and analyze security events in a hybrid network
• Analyze a variety of application, network and system security logs to determine the correct remediation actions
• Conduct proactive research to detect new attack vectors
• Review industry and vendor security alerts for vulnerabilities and security issues. 
• Work with other internal and external teams to mitigate solutions based on vendor advisories and best practices
• Research and identify key indicators of malicious activities on the network and end user workstations
• Implements security improvements by assessing current situation, evaluating market trends and anticipating requirements

Skills on Resume:

• Incident Responder (Hard Skills)
• Risk Analyst (Hard Skills)
• Report Drafter (Hard Skills)
• Toolkit Manager (Hard Skills)
• Event Monitor (Hard Skills)
• Log Analyst (Hard Skills)
• Attack Researcher (Hard Skills)
• Security Reviewer (Hard Skills)

Job Summary:

• Build, manage, and maintain correlation rules and alarming configurations for various cyber security platforms to include, but not limited to Security Incident & Event Management (SIEM), Security Orchestration and Threat Intelligence to ensure 24x7x365 Situational Awareness
• Collect, organize, and analyze data using various cyber security tools such as LogRhythm, Radware DefensePro, Palo Alto Networks, Symantec Endpoint Protection, Anomali ThreatStream, Tanium, Empow Networks, EnCase and others
• Identify, analyze, and interpret trends or patterns in complex data sets
• Support investigations of suspected cyber security misuse or security findings stemming from compliance reviews as requested and approved by the SVP-CISO
• Work with the functional business areas as needed during incident response investigations
• Ability to develop, customize, and maintain visualization dashboards utilizing SIEM and other security platforms
• Serve as a trusted advisor to the Director, Security Technologies and/or the SVP-CISO on sensitive matters warranting confidentiality
• Conduct multi-intelligence, all-source analysis and cyber threat intelligence on past, present, and future cyber threats to network systems
• Responsible for performing research on both APT and non-APT threat actors and the threat vectors they utilize
• Perform data trending and analysis to inform policy and security measures, as well as informing mitigation procedures
• Write reports based on finding to inform the greater Enterprise as well as Intelligence Community

Skills on Resume:

• Rule Configuration Specialist (Hard Skills)
• Data Analyst (Hard Skills)
• Trend Analyst (Hard Skills)
• Investigative Support (Hard Skills)
• Dashboard Developer (Hard Skills)
• Cyber Advisor (Soft Skills)
• Threat Analyst (Hard Skills)
• Research Specialist (Hard Skills)

Job Summary:

• Remains abreast of current cyber intelligence issues by conducting Open-Source-Intelligence (OSINT) research to develop in-depth analysis and assessment on threats to the critical infrastructure
• Respond immediately to security-related incidents and provide a thorough post-event analysis
• Enhances collected intelligence information by providing context, draws insights about the possible implications
• Conducts executive, managerial and user-level cyber threat and risk briefings as a result of real-time/near real-time cyber threat reporting
• Provides well-crafted language to add appropriate context/ understanding
• Take the appropriate measures to stop it promptly and sustainably. 
• Analyze background recurring threats (heuristics / regex writing and modification)
• Contribute to develop mechanisms and concepts to fight against the most obstinate spammers.
• Formalize clear answers to ISP and MSP customers (anti-abuse cell interlocutors) about the measures taken. 

Skills on Resume:

• OSINT Researcher (Hard Skills)
• Incident Analyst (Hard Skills)
• Intelligence Contextualizer (Hard Skills)
• Cyber Briefing Officer (Soft Skills)
• Language Specialist (Soft Skills)
• Threat Neutralizer (Hard Skills)
• Heuristic Analyst (Hard Skills)
• Spam Defense Developer (Hard Skills)