• Responsible for establishing, maintaining and using operational security standards, processes, procedures and guidelines
• Provide supporting teams with threat focused technical support and consultancy to ensure compliance with security policies, standards and regulations
• Produce timely, accurate and relevant intelligence products (Tactical, Operational, and Strategic)
• Monitor internal and external security threats and known vulnerabilities, and ensure that easyJet technical controls are aligned to these
• Help Security Operations develop and operate processes and procedures that counteract threats and vulnerabilities
• Help maintain a detailed understanding threat landscape and the techniques and tools associated with identified threat actors
• Conduct technical research into emerging threats and trends
• Provide targeted intelligence support to the SOC in its detection, isolation and remediation of security incidents
• Conduct threat intelligence investigations on identified / potential threats
• Response to security incidents, alerts and identified threats

Skills: Security Standards, Threat Support, Intelligence Reports, Threat Monitoring, Process Development, Threat Knowledge, Research Trends, Incident Response

• Research and develop new approaches of attack surface monitoring, Darknet analysis, detection of indicators of compromise and fraudulent resources.
• Lead dedicated research for the largest customers, identify tailored threats and security problems they may face
• Advise customers on attack vectors and mitigation needed
• Participate in Threat Hunting, Incident response procedures
• Run research on specific adversaries and continiously collect threat information on them
• Prepare finished intelligence reports for the customer, security bulletins, weekly notes and etc
• Collaborate with other Security Services teams to improve Digital Footprint Intelligence service
• Tune easyJet threat intelligence tooling
• Through easyJet external organisations keep abreast of emerging trends, technologies and regulations
• Provide support for security related projects

Skills: Attack Monitoring, Darknet Analysis, Tailored Threats, Threat Hunting, Adversary Research, Intelligence Reports, Tooling Improvement, Project Support

• Conduct threat research to include the collection, extraction, and dissemination of tactical and strategic intelligence.
• Manage and further advance Threat Intelligence Platform (TIP).
• Provide threat intelligence support to vulnerability management and incident response teams.
• Identify and apply automation and machine learning methodologies to further improve threat intelligence processes.
• Identify and implement methods to improve visibility with respect to Indicators of Compromise (IOCs) and malicious behaviors.
• Work with skilled data scientists to develop novel intelligence.
• Develop threat hunts to be executed by a threat hunting team.
• Coordinate with private and government entities to acquire available intelligence used to protect networks.
• Assist with developing threat models/profiles for internal and external clients.

Skills: Threat Research, TIP Management, Intelligence Support, Process Automation, IOC Visibility, Data Collaboration, Threat Hunts, Intelligence Coordination

• Hunt for cyber-related threats from various disciplines and sectors.
• Receive RFIs from clients and investigate them according to the time and scope defined.
• Track down threat actors across the clear, deep, and dark web. 
• Engage with them to retrieve more intelligence and collect unique information that is not otherwise accessible.
• Develop new ways to collect and analyze the necessary data.
• Be a leading source of knowledge in information security and intelligence matters supporting other departments with knowledge and expertise.
• Leverage threat intelligence to improve the prioritization of preventative controls and mitigations to improve defenses of Microsoft.
• Deliver relevant and actionable intelligence to teams and leadership across Microsoft to improve ability to detect threats in the environment.
• Support response to internal incidents by managing intelligence collected during investigations and building a common understanding of threat activities.
• Collect, process, and analyze open-source reporting as well as 1st and 3rd party threat intelligence feeds for relevance and impact to Microsoft.
• Work with internal defender teams, security programs and risk managers to provide data driven insights into existing and emerging threats.

Skills: Threat Hunting, RFI Investigation, Actor Tracking, Intelligence Gathering, Data Analysis, Security Knowledge, Control Prioritization, Incident Support

• Drive the Cyber intelligence operating environment preparation lifecycle
• Work with the CTI team and participate in the Cyberthreat intelligence lifecycle
• Work with various teams to manage Cyber threat intelligence feeds, aggregation, and sharing both internally and externally
• Analysis of identified threats, detection of major risks and recommendations, search for additional information
• Communicate with owners of resources of illegal content
• Participate in investigations related to information security
• Perform analysis on campaigns, threat actor TTPs (Tactics, Techniques, and Procedures), technical indicators of compromise, cyber-attack trend, and exploitation of technology
• Proactively identify and provide threat insights to improve overall Cybersecurity risk posture
• Participate in industry threat intelligence forums, maintain up-to-date security industry awareness and attack trends.

Skills: Intelligence Lifecycle, Threat Feed Management, Risk Analysis, Illegal Content Communication, Security Investigations, TTP Analysis, Threat Insights, Industry Awareness

• Real-time monitoring of relevant sources to gather information on threats and vulnerabilities
• Assess events based on factual information
• Analyze data to determine patterns and linkages
• Apply structured analytic techniques to avoid biases and fallacies
• Produce accurate and defendable strategic intelligence products
• Produce tactical and operational intelligence for operation teams and automation delivered in the form of briefs, reports, and feeds.
• Detect and analyze cyber threat activities connected to advanced threats
• Research emerging threats, identify and track relevant threats that pose risk to Swiss Re
• Support customers in defining intelligence requirements

Skills: Threat Monitoring, Event Assessment, Data Analysis, Analytic Techniques, Intelligence Reporting, Cyber Threat Analysis, Threat Research, Intelligence Support

• Working with customers to develop and refine Intelligence requirements.
• Development of collection plans aligned with intelligence requirements.
• Collection and analysis of data from internal and external sources.
• Production and delivery of intelligence products and briefs.
• Support incident response efforts and threat detection capabilities.
• Analysis of malware, cyber-attacks, and attack trends.
• Threat feed assessment, deployment, and tuning.
• Working as a liaison with other financial institutions, government agencies and industry work groups.
• Briefing both technical and non-technical audiences on relevant cyber threats, including executive management through reports and presentations.
• Provide real time support to incident response teams both leading up to and during the incident management process.
• Inform incident response and vulnerability teams on relevant threats and risks.

Skills: Intelligence Development, Data Collection, Intelligence Analysis, Incident Support, Malware Analysis, Threat Assessment, Industry Liaison, Threat Briefing

• Produce timely threat reporting and providing technical support to other functions and teams within Cybersecurity Services.
• Use premium Threat Intelligence tooling to enrich indicators of compromise and pivot to additional adversarial infrastructure and tooling.
• Facilitate technical improvements of CTI tooling.
• Perform quality control and quality assurance for all Threat Intelligence products.
• Work closely with RTX CTI team and foster collaborative relationships between Threat Intelligence groups across the enterprise.
• Apply knowledge of tactical, operational, and strategic-level intelligence analysis of cyber threats, vectors, and threat actors in support of cyber defense and computer network operations
• Assist with open-source and classified data sources in support of collecting, analyzing, and interpreting qualitative and quantitative data to produce meaningful products
• Conduct advanced analysis and research on the latest cyber threats to provide actionable threat intelligence, including adversary indicators of compromise, techniques, tactics, procedures and trends
• Analyze to profile threat actor TTPs used to infiltrate networks, systems, and assets to produce threat actor profile cards or threat briefings
• Report on current and emerging threats that will exploit vulnerabilities along with details of those vulnerabilities to various stakeholders.

Skills: Threat Reporting, Tool Enrichment, CTI Tooling Enhancement, Quality Assurance, Intelligence Collaboration, Cyber Threat Analysis, Data Interpretation, Threat Profiling

• Conduct CTI initiatives in support of state, local, tribal, and territorial (SLTT) governments to include determining their intelligence needs and requirements
• Helping identify the most effective methods for fulfilling these unique requirements
• Identify emerging trends based on extensive research into threat activity and determine customer-relevant threat intelligence with minimal assistance or oversight
• Use a Threat Intelligence Platform (TIP) to collect, organize, correlate, and analyze CTI data from various sources to extract relevant and timely indicators for sharing with members in near real-time
• Draft briefing material, written products, and simple graphics in order to convey analysis both verbally and in writing to a variety of audiences
• Conduct technical analysis of malicious and suspicious code to understand the nature of the threat and to extract unique attributes for proactive defense
• Conduct open source research and technical analysis, including dark web research, for proactive defense
• Craft and apply effective security countermeasures aligned with industry frameworks and analytic models (e.g. MITRE ATT&CK, VERIS, Diamond Model of Intrusion Analysis) as well as custom frameworks using data-driven threat intelligence

Skills: Intelligence Analysis, Trend Identification, Threat Intelligence, Data Sharing, Briefing Creation, Code Analysis, Open Source Research, Countermeasure Development

• Pro-actively identify cyber related threats and develop timely actionable intelligence for action (inc prevention and disruption of threats)
• Produce strategic and tactical threat assessments/products in response to new and developing threats
• Analyse multiple data/intelligence sources and sets in order to identify patterns of activity that could be attributed to threats and develop informed recommendations to a breadth of stakeholders
• Process IOCs, alerts and other data in a timely manner and work closely with a range of specialist security teams to mitigate threats
• Identify risks and escalate these in a timely and effective manner
• Proactively drive improvements in internal processes, procedures, and workflows.
• Participate in the testing and integration of new security monitoring tools
• Meet strict deadlines to deliver high quality reports on threats, findings and broader technical analysis
• Take ownership of personal career development and management, seeking opportunities to develop personal capability and improve performance contribution.

Skills: Threat Identification, Threat Assessment, Data Analysis, Risk Management, Process Improvement, Tool Integration, Report Delivery, Career Development

• Experience in intelligence analysis and/or cyber security analysis role.
• Highly developed written and oral communication skills.
• Strong contextual analytic judgment and ability to think critically.
• Ability to research with an investigative and problem-solving mindset.
• Good understanding of concepts such as Threat Intelligence Lifecycle, MITRE ATT&CK framework and the ACSC’s Strategies to mitigate Cyber Security incidents.
• Experience with cyber threat intelligence or other intelligence services
• Experience in conducting daily intelligence operations
• Experience in using open source tools for information gathering
• Experience in writing reports for both management and technical readers
• Experience in consulting, including both internal and client-facing experiences
• Ability to work both individually and with a team
• Ability to obtain a security clearance

Qualifications: BS in Cybersecurity with 2 years of Experience

• Demonstrated interest and knowledge about the field of CTI.
• Demonstrated initiative to self-start/propose new projects
• Demonstrated ability to consistently deliver high quality analysis, above and beyond the minimum requirement
• Analytical curiosity and ability to look at problems from multiple perspectives and continually ask questions to obtain a full picture and/or the best solution
• Demonstrated ability to leverage subject matter expertise to innovate new analytical techniques, implement new workflows, and lead projects among various stakeholder groups
• Knowledge of Advanced Persistent Threats and/or cyber-criminal groups including TTPs and key motivations
• Knowledge of key threat intelligence models: Kill Chain, Diamond Model, MITRE ATT&CK
• Knowledge/experience with pivoting and using public security research tools like Virus Total, Shodan, etc., or their equivalent
• Demonstrated ability to collaborate with external parties, including peer analysts and threat intelligence vendors, to explore interesting discoveries
• Beginner to Intermediate Python scripting experience, with desire to expand upon skillset to automate intelligence gathering and prioritization.
• Knowledge/experience with any link analysis tool (Tableau, Maltego, etc) and interest in mapping out adversary activity and discovering additional adversary infrastructure
• Knowledge/Experience writing YARA signatures from analysis of malware

Qualifications: BS in Computer Science with 3 years of Experience

• Strong communication and presentation skills.
• Ability to comply with any regulatory requirements.
• Ability to manage multiple priorities in a high pressure, fast paced environment.
• Ability to adjust priorities quickly as circumstances dictate.
• Demonstrated initiative, follow-up, and follow through with commitments.
• Ability to work independently and identify potentially more effective methods of work operation.
• Ability to use Microsoft Excel for complex queries using advanced functions and formulas to include charting, pivot tables, and pivot reports.
• Experience with command-line interfaces (Unix and DOS shells).
• Experience with interpreted programming languages (e.g. Perl, Python) and relational databases (SQL).
• Experience with big data platforms such as Hadoop, Splunk, SAS, and R.
• Experience with packet analysis, network forensics, or reverse engineering.
• Strong analytical and problem-solving skills and ability to convey complex information in a clear, concise manner.
• Ability to provide input into existing analytic platforms to include developing functional requirements and product roadmaps.

Qualifications: BS in Information Technology with 2 years of Experience

• Background in collecting, analyzing, and interpreting data from various sources, detailing the results and preparing substantial analysis products.
• Awareness of open-source intelligence techniques and platforms.
• Strong working knowledge of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware.
• Experience in security event analysis and triage, incident handling and root-cause identification.
• Understanding of tools, techniques and procedures that attackers use to compromise organisations, ideally from direct experience.
• Ability to work with a sense of urgency while remaining calm under pressure.
• Strong verbal and written communication and collaboration skills.
• Experience with local and multiple country regulations governing cyber intelligence processing and handling of sensitive data.
• Experience conducting cyber threat hunting operations using known adversary tactics, techniques and procedures to detect advanced threats to the enterprise.
• Familiarity with policies, standards and security frameworks e.g. NIST, CIS, MITRE ATT&CK.

Qualifications: BS in Information Security with 4 years of Experience

• Technical experience with a strong foundational understanding of enterprise system and application architectures as well as emerging technologies and approaches.
• Understanding and experience in security technologies, such as firewalls, IDS/IPS, AV, SIEM,  DLP, Vulnerability Management, Web and Email Content Filtering.
• Experience in analysing malware, hacking tools, and threat actor tactics, techniques and procedures to characterise threat actors’ technical methods for accomplishing their missions.
• Understanding of indicators of compromise (IOC) and threat hunting using highly granular tools, techniques, and procedures.
• Understanding of forensic analysis on and data captures from networks (packet capture), hosts (volatile/live memory), electronic media, log data, and network devices.
• Be a self-starter, be able to successfully prioritize and manage multiple complex tasks, and work well under pressure with limited supervision both individually and at times, with other team members.
• Excellent verbal and written communication skills with the ability to effectively articulate complex technical terms to both technical and non-technical audiences.
• Be able to adapt to a flexible working model, such as attending conference calls meetings outside of normal office hours and occasionally travelling to other local and international Computershare locations.   

Qualifications: BA in Criminal Justice with 3 years of Experience

• Proven experience as a Cyber Threat Intelligence Analyst or investigator
• Proficient understanding of good operational security (OPSEC) practices
• Knowledge of open, deep, and dark web marketplaces and forums
• Good understanding of the cyber threat landscape, including cyber threat actors and adversary tactics, techniques, and procedures
• Understanding of the Mitre ATT&CK framework
• Experience working and communicating directly with clients / customers / stakeholders
• Strong troubleshooting, presentation, and consultative skills
• Comfortable speaking technically with analysts and strategically with senior executives
• Ability to demonstrate strong writing and analytic skills
• Ability to understand and adapt to rapid product and technology developments
• Technical understanding of threat actor methodologies and cyber security offensive tactics 

Qualifications: BA in Intelligence Studies with 5 years of Experience

• Good understanding of global geopolitical dynamics and the ability to apply that knowledge to an information security context.
• Proven ability to understand and explain the behaviors of different types of complex organizations, from criminal groups to financial enterprises.
• Proven ability to translate complex information sets into specific recommendations that can be actioned by customers to enhance their security posture.
• Familiarity with cyber threats, defenses, motivations and techniques.
• Experience with intelligence analysis tools, methods and the intelligence lifecycle.
• Experience distilling raw information into actionable intelligence.
• Ability to write analytical information products.
• Ability to construct and analyze social network graphs.
• Ability to prepare and present research findings in both client and public settings.
• Ability to maintain or develop professional contacts in the cyber security community and in client industries including finance and government.
• Experience with conducting operations in closed/vetted online forums and marketplaces in both the surface and dark web spaces.
• Outstanding written and oral communication skills and the ability to prioritize work.

Qualifications: BS in Forensic Computing with 2 years of Experience

• Experience in intelligence or technical analysis with increasing responsibilities
• Demonstrated oral and written communications skills
• Good working knowledge of cyber threat intelligence analysis
• Prior intelligence community or military experience and/or formal analytic training/certification
• Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences including at the executive level
• Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives
• Demonstrated expertise and experience with the East Asia and Pacific regions
• Experience in intelligence or technical analysis with a focus on cyber threat analysis.
• Knowledge of geopolitical issues and events and the use of cyber tools & techniques to influence them
• Demonstrated expertise in deploying and maintaining tools to facilitate the flow of intelligence analysis and reports
• Experience with All Source production and knowledge of cyber/technical intelligence

Qualifications: BS in Network Engineering with 5 years of Experience

• Demonstrated initiative to self start/propose new projects
• Demonstrated ability to deliver top quality analysis, above and beyond the bare minimum
• Seen as an SME and has experience leading/guiding projects
• Experience with pivoting and public security research tools like VirusTotal, Shodan, Greynoise, etc., or their equivalent
• Ability to shift priorities on short notice, adaptable to the ever-changing threat landscape
• Demonstrated ability to collaborate and interest in consistently learning and exploring rabbit holes
• Knowledge of Advanced Persistent Threats including TTPs and key motivations
• Experienced knowledge and application of key threat intelligence models: Kill Chain, Diamond Model, MITRE ATT&CK
• Familiarity with any programming language (and interest in learning Python)
• Experience with any link analysis tool (Tableau, Maltego, etc) and interest in mapping out adversary activity and discovering additional adversary infrastructure
• Experience with GCIH, FOR610 or demonstrated equivalencies

Qualifications: BS in Software Engineering with 3 years of Experience

• Strong knowledge of common frameworks such as MITRE ATT&CK, Diamond Method, Cyber Killchain and others.
• Strong verbal presentation and writing skills, including the demonstrated ability to write clear and concise text.
• Excellent analytical abilities and a strong ability to think creatively when approaching issues.
• Ability to multi-task and work in fast-paced environment.
• Industry Certifications preferred: GCIA, GCIH, GCFA, OSCP, etc.
• Experience with malware analysis, preferably static analysis capabilities
• Experience writing Yara signatures from analysis of malware
• Desire and demonstrated ability to share CTI knowledge with team members
• Intermediate to advanced script experience using Python
• Familiarity with SIEMs, query languages (i.e. Splunk, Kibana), dashboard building, and log analysis
• Interest and/or basic familiarity with Threat Modelling
• Experience with dark web use cases

Qualifications: BS in Data Science with 5 years of Experience