CTU Information Security Researcher - Threat Intelligence - Secureworks - London, UK or UK Remote

Dell ,
London, Greater London

Overview

Job Description

CTU Information Security Researcher - Threat Intelligence UK Remote Secureworks (NASDAQ: SCWX) is a technology-driven cybersecurity leader that protects organizations in the digitally connected world. Built on proprietary technologies and world-class threat intelligence, our applications and solutions help prevent, detect, and respond to cyber threats. Red Cloak software brings advanced threat analytics to thousands of customers, and the Secureworks Counter Threat Platform processes over 300B threat events per day. We understand complex security environments and are passionate about simplifying security with Defense in Concert so that security becomes a business enabler. More than 4,000 customers across over 50 countries are protected by Secureworks, benefit from our network effect and are Collectively Smarter. Exponentially Safer.www.secureworks.com We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about "what's next." We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team. Role Overview: The InfoSec Researcher is a member of our Counter Threat Unit Surveillance team. The Surveillance team monitors open source intelligence (OSINT) and tracks underground actors for information security threats and risks to our clients, providing real-time alerting and analysis on discovered threats. A successful candidate will support the Surveillance team by performing both OSINT and surface, deep, and dark web analysis, and producing actionable intelligence outputs for our customers through both written and presented deliverables. The ability to work remotely is a requirement. Responsibilities include, but are not limited to: * Manage an assigned load of clients; interacting regularly with customers in both written and verbal correspondence; continuously working with clients to determine and refine intelligence requirements and understand threat context. * Perform information triage, identifying true positives for client threat/risks and applying analysis/judgment and determining recommended remediations for client notification. * Perform proactive surface, deep, and dark web research to identify and characterize new threats to the client base. * Produce actionable intelligence in the form of monitoring alerts, OSINT reports, and client briefings. * Perform threat modeling to contextualize data in order to provide customers with a greater understanding of current threats. * Correlate emerging threats (news events) with actual client exposures and risks. * Develop mitigation and countermeasure strategies from collected threat intelligence to guide client response to ongoing threats. * Develop innovative ways to leverage existing data and correlate Surveillance team data with other sets available in the CTU and Secureworks at large. * Drive research innovation and assist in conceptualizing and developing automated solutions for continuous monitoring of malicious activity. * Participate in group innovation sessions where team objectively assesses its processes and techniques to look for ways to improve customer deliverables. Required Skills: * 4+ years of experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor profiling. * Proven background researching threats using TOR, I2P, IRC, leveraging un-indexed web content and identifying changes to the underground landscape as they occur. * Familiarity with surface web, deep web, and dark web data sources. * Familiarity with advanced search engine functionality and search query customization. * Strong technical communication skills, both written and verbal; advanced level of English. * Effective time management and organizational skills. * Team player with the ability to work autonomously in a fast-paced, dynamic environment. * Passionate about information security and service excellence. * Willingness to provide on-call and off-hours coverage, as necessary. * Ability to travel occasionally for team on-sites and research conferences/strategic planning. Desired Skills: * Experience working with and adhering to intelligence tradecraft including use of intelligence tools such as Palantir, Maltego and/or Analyst Notebook; knowledge of and experience with information sharing protocols in the field of information security. * Programming experience (Python, PowerShell, Django). * Experience with Elastic Search, Logstash, Kibana and/or AWS. * Experience with data mining and social network analysis. * Experience with Penetration Testing or Red Teaming. * Familiarity with common open source research frameworks. * CEH, CISSP, GIAC, OSCP and/or SSCP certification