Threat Analyst

Threat Hunting

1. Forensic Analysis & Incident Investigation

• Conduct detailed forensic analysis to gather evidence, understand the scope of security incidents, and identify attackers tactics, techniques, and procedures (TTPs).
• Collaborate with incident response teams to determine the full extent and impact of the incident.

1. Global Threat Intelligence Monitoring

• Continuously monitor and analyze global threat intelligence feeds from trusted external agencies to stay up to date on emerging threats.
• Use threat intelligence to identify potential risks and threats targeting the organization.

1. Brand Monitoring

• Regularly monitor the brand for any suspicious activity, including abuse of brand, phishing domains, and other forms of impersonation.
• Track and mitigate any attempts to exploit the organization's brand or reputation online.

1. Indicators of Compromise (IOCs) Analysis

• Provide IOCs with associated reliability scores, detection quality, and risk scores, ensuring that each score is justified and dynamic, representing the real-timeautomated risk of the IOC.
• Continuously review and adjust IOC risk scores based on the evolving threat landscape.

1. Real-Time Threat Feed Refresh

• Ensure that threat feeds are refreshed immediately upon identifying new threats or observing global attacks based on their criticality.
• Implement real-time updates to the threat intelligence systems to maintain an up-to-date view of potential risks.

1. Deep/Dark Web Monitoring

• Perform deep and dark web monitoring to identify potential threats or leaks related to the Client's industry or environment.
• Alert the organization about any relevant findings and threats originating from these sources.

1. Threat Actor Insights & Advisories

• Provide unique insights into threat actors targeting critical infrastructure, and deliver actionable threat advisories to the organization's security teams.
• Develop reports detailing adversary tactics and potential impact on the Client's assets.

1. Analytics-Based & IOC-Based Hunting

• Perform both analytics-based hunting and IOC-based hunting to identify potential threats and malicious activity across the organization's network.
• Use threat hunting techniques to proactively uncover hidden threats and vulnerabilities.

1. Threat Intelligence Solution Configuration & Maintenance

• Ensure that the threat intelligence solution is correctly configured and integrated across all workloads and infrastructure.
• Regularly maintain and update the threat intelligence systems to ensure they align with the Client's security standards.

1. Collaboration with CyberDefence Teams

• Collaborate with the Clients's CyberDefence operational teams and Subject Matter Experts (SMEs) to enhance the protection of critical business assets.
• Assist in developing and refining security strategies based on threat intelligence findings.