Bitdefender
Cyber Intelligence Fusion Analyst Level 1
Bitdefender | Romania | 2 days ago
Full-time | Information Technology

Bitdefender

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, enterprise, and government environments, Bitdefender is one of the industry’s most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence, and its technology is licensed by more than 180 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in 170+ countries with offices around the world. For more information, visit https://www.bitdefender.com


Job Description:

The Level 1 Cyber Intelligence Fusion Analyst works within a team under direct supervision to analyze cyber threat actors and their tactics to support 24/7/365 SOC operations and Bitdefender MDR customers. This position requires an analytical, detail-oriented person who can look across different datasets and information to help connect the dots for our customers and provide relevant and timely research and intelligence.


Analysis and intelligence functions generally support SOC threat hunting, requests-for-information, and customer monitoring. Additionally, the Level 1 analyst will perform alert triage and investigation, signature tuning, and various research to discover trends and indicators that enable and improve detection and response.


Required Skills:

  • Conduct research, analysis, and correlation across a wide variety of all-source data sets, using link analysis skills to find indications and warnings
  • Knowledge of threat intelligence toolsets, open-source intelligence (OSINT), or similar research tools and skills
  • Knowledge of current cyber threat trends such as advanced persistent threats, cybercriminal actors, tactics, exploits and vulnerabilities, use of IOCs and IOAs
  • Basic understanding of the intelligence lifecycle into action:
  • Writing skills developed from intelligence reporting, technical writing, industry or academic research papers, or blog writing experience
  • Basic network fundamentals: standard network protocols, services, and how they interact; basic operating system knowledge
  • Investigation and troubleshooting skills, desire to learn more about cybersecurity and gain or grow incident response experience, defense-in-depth principles and best practice knowledge, familiarity or understanding of standard incident response tools


Preferred Skills:

  • Basic understanding of threat modeling, evaluation of customers’ threat landscapes, Diamond Model, Mitre ATT&CK, Cyber Kill Chain, and/or Pyramid of Pain concepts
  • Previous SIEM or SOAR experience
  • Previous incident response experience
  • Foreign language skills that may include familiarity or working knowledge of slang and similar current native fluency
  • General knowledge of cybersecurity tools (host endpoint agents, firewalls, IDS & IPS, XDR)
  • General knowledge of computer networking concepts and protocols, network security methodologies, knowledge of Windows and/or Linux operating systems, and/or other system or network administration skills
  • Familiarity with system or network logs
  • General understanding of cloud-based Infrastructure (AWS, Azure, GCP)
  • General understanding of hacking methodologies in Windows and/or Unix/Linux environments
  • General understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, cross-site scripting [XSS], Structured Query Language [SQL] injections, man-in-the-middle, ransomware, or other malware)
