E T Consultant

Overview

The ET Consultant will serve across all areas of threat intelligence to help inform and defend the business and protect brand reputation. The analyst works closely with internal technical teams, business units and external entities.

Key Responsibilities

• Research current and emerging threats facing the business and industry sector.
• Lead production and delivery of recurring threat intelligence reports, summarizing relevant cyber threats to WBG infrastructure.
• Conduct and publish in-depth risk assessments to evaluate and categorize the risk posture of detected cyber threats.
• Maintain a current understanding of advanced persistent threats (APTs), threat actor tactics, techniques, and procedures (TTPs), and cyber threat trends.
• Collaborate with internal and external stakeholders, to gather and share relevant threat intelligence.
• Develop and maintain threat profiles and reports to enhance detection and response capabilities.
• Continuously update and refine existing threat intelligence processes and methodologies.
• Centralize multiple threat sources, correlate indicators and threats, and distill actionable intelligence.
• Use automation to efficiently streamline and de-duplicate threats for playbooks, but use human analysis for actionable decision-making.
• Document threats into contextual reports outlining severity, urgency and impact.
• Serve as a trusted advisor to establish credibility with business unit leadership and technical teams.
• Use and assign indicator severity and impact ratings to determine appropriate plans of action.
• Evaluate and implement deception techniques designed to thwart adversaries.
• Work closely with security leadership to instill cybersecurity policies and practices throughout business units.
• Be readily available to participate in collaborative threat analysis meetings with internal and external trusted entities.
• Maintain an up-to-date level of knowledge related to security threats, vulnerabilities and mitigations.
• Create and deliver data driven reports and presentations for management and other stakeholders.
• Liaison with threat hunting, infrastructure, IT, vulnerability management, threat intelligence and software engineer team members.
• Leverage operational results to identify, communicate, and mitigate identified threats as well as implement knowledge sharing across various teams.
• Bring an applied understanding of relevant and emerging technologies.
• Familiarity with using OpenAI's GPT models via Azure, including fine-tuning, deploying, and scaling these models.
• Understanding of various generative models (e.g., GPT, GANs) and their applications.
• Plan and execute the implementation of threat management solutions through a data driven and agile approach.
• Perform other duties as assigned.

Required Experience

• Minimum 5 years of Information Security experience required with majority of time in a SOC.
• Strong written and verbal communication skills across all levels of the organization.
• Applicable knowledge of adversary tactics, techniques and procedures (TTPs), MITRE ATT&ACK framework, CVSS, open source intelligence (OSINT) and deception techniques.
• Demonstrated ability to investigate, handle and track incidents.
• Proficient in SIEM, intrusion detection and prevention systems (IDS/IPS), threat intelligence platforms and security orchestration, automation and response (SOAR) solutions.
• Ability to analyze incident logs, assess malware, and understand vulnerabilities and exploits, along with strong operating systems knowledge.
• Experience in incident handling, vulnerability management, hacking tools, intelligence gathering and kill chain methodology.
• Proven threat hunting experience and ability to track adversaries.
• Demonstrated experience conducting tabletop exercises and adversary emulation.
• Capable of working with diverse teams and promoting an enterprise-wide positive security culture.
• Ability to maintain a high level of integrity, trustworthiness and confidence, with the highest level of professionalism.
• Strong project management, multitasking and organizational skills.
• Ability to preserve credibility with the team and external constituents through sustained industry knowledge.
• Ability to motivate teammates to achieve excellence and willingly shares knowledge.
• Proven experience executing cyber threat hunting, incident response, or other relevant security operations.
• Familiarity with common enterprise scripting languages (PowerShell, Python, Bash, etc.).
• Leverage diverse ideas, experiences, thoughts, and perspectives to the benefit of the organization.
• Excellent problem solving, communication and collaboration skills.
• Understanding of how operating systems work and how malware exploits them.
• Past exposure to handle malware and financial crime malware related incidents.
• Familiarity with industry-standard processes defined for systems design, database design, development, testing, and integration phases of a project, including Agile-based implementations.
• Experience working in Agile environments, participating in Agile ceremonies, and utilizing Agile methodologies for security operations and threat investigations.
• Knowledge of common hacking tools and techniques

Qualifications

• Bachelor’s or Master’s degree with 2 years of experience or equivalent combination of education and experience (for example, in the IT field: Bachelor’s Degree with a minimum of 1 year of related work experience).
• GIAC Certified Incident Handler (GCIH), GIAC Cyber Threat Intelligence (GCTI), GIAC Reverse Engineering Malware Certification (GREM), Certified Information Systems Security Professional (CISSP) preferred, but not required.

Other Details