Intelligence Researcher

Description:

eSentire is looking for highly capable individuals to be part of our Threat Intelligence team. eSentire is a recognized industry leader and one of Canada’s Fastest-Growing Tech company. We work in a collaborative and innovative work environment with brilliant and passionate people who strive and encourage others to do their best. Join us to gain rewarding and developing career experience with the ability to grow and make an impact from your work.

The successful candidate will report to the Senior Manager of Threat Intelligence and be responsible for the collection and processing of incident data across eSentire customers. By working collaboratively with the team, you will produce written technical analytical assessments with the outcome of improved capabilities to disrupt cybercrime. This is a technical, hands-on role, for a person who enjoys solving complex problems and is also comfortable explaining the solution to those complex problems publicly at conferences, and with clients in meetings. Along with strong intrusion analysis acumen and keen technical skills, a successful candidate should be methodical and apply creative thinking, with the capacity to push conventional boundaries, aiming to deliver state-of-the-art cybersecurity protection services and articulating the value of those services to clients.

RESPONSIBILITIES

• Apply your knowledge and experience in intrusion analysis to collect and prepare incident data for analysis.
• Work collaboratively with the team to automate data collection/processing where possible.
• Produce tactical level intelligence analysis of cyber threats and actors in support of the team objectives as well as overall cyber security and network defense operations.
• Collaborate with Marketing, Client Success, Sales & Partners
• The Sr. Manager will assign other duties if required.
• Minimum of 3 years’ experience in an analytic role of either intrusion detection or network forensics analyst.
• Experience in performing security incidents detection and handling in an operational environment such as SOC, CSIRT, CERT.
• Strong written and verbal communication skills.
• Located in EMEA
• Experience working with database management systems such as MYSQL/PSQL.
• Experience working with clients, and articulating risk in business terms.
• Experience presenting research at conferences and public events.
• Experience with investigation & response tools such as Carbon Black Response, CrowdStrike, SentinelOne, and ThreatConnect.
• Familiarity with Shodan, or Binary Edge.
• Ability to convey complex technical content to a tactical, operational, and strategic audience.
• Familiarity with incident lifecycle and reporting.
• Familiarity with MITRE’s ATT&CK framework.
• SANS Certifications are considered an asset (GCTI,GCIH)
• Work will be in the standard business environment during 9 to 5 office hours.
• The position does not require the availability for on-call rotation, or 24/7 shift coverage.
• In case of emergency working hours might be modified.