← Back to opportunities
About the Role
- Threat Lead Identification: Research new adversary tactics, techniques, and procedures (TTPs) using open sources (public information such as security vendor reporting, social media, code repositories); closed sources (dark web and underground forums); and proprietary sources.
- Subject Matter: Threat leads should focus on team priority intelligence requirements (PIRs). Examples of such subject matter include malware developments, offensive security tools, vulnerability exploits, cloud security, and mobile security.
- Key Detail Identification: During research, identify and take note of infection chains, host and network IoCs, malware samples, threat actors, and MITRE ATT&CK tactics and techniques
- Author Insikt Notes: Write TTP Instances detailing identified threat leads. TTP Instances include a combination of information from open-source reporting and your own analysis (i.e. code review, static malware analysis). TTP Instances are written and formatted...
Ready to Join Through a Referral?
Apply now and get connected directly with the hiring team
Apply for this Position