Overview:
The Cyber Threat Intelligence (CTI) Manager has deep experience with actionable Threat Intelligence concepts and recognizes relationships between individuals, businesses, and other entities. A CTI Manager possesses a fine sense of ethics, a working understanding of regional legalities and a familiarity with industry standards surrounding open-source intelligence.
The CTI Manager will focus on full CTI lifecycle elements including collection, enrichment, and analysis of actionable intelligence based on defined PIRs. The candidate should have strong documentation, language skills, and analytical abilities. The manager will lead assignments as well as operational tasks that are varied and frequently require interpretation and independent determination of the appropriate course of action for executive decision making.
The CTI Manager will work within the Cyber Threat Intelligence team in the Cyber Fusion Center for Core42. This position includes an understanding of the MSSP environment and the customer's organizational strategy along with their operating objectives tied to Strategic, Tactical and Operational CTI strategy.
Core42 is the UAE’s national-scale enabler for cloud and generative AI, combining G42 Group’s expertise across multiple technology disciplines into a single platform for public sector and large enterprise transformations. Building on our capabilities as a sovereign cloud and HPC specialist, we bring generative AI, cybersecurity, professional and managed services expertise to enable national-scale program deployments across industries.
Responsibilities:
- Mapping out malicious internet infrastructure and identifying related OSINT/CYBINT covering Deep, Dark, Surface web.
- Lead the full CTI program to align with customer PIRs and deliver services to provide requisite value propositions both internally and externally.
- Understanding what information could lead to a potential threat for our customers by gleaning from various social media services around the world.
- Drive the CTI Team to achieve required objectives and cover all aspects of the CTI spectrum covering Strategic, Tactical, Geopolitical and Operational intelligence.
- Actively participate in the development, documentation, and implementation of new processes to expand and mature capabilities for the organization.
- Thrive in culturally diverse research matters and be aware of cultural, social, and linguistic norms that may impact findings. (Fluency or proficiency in multiple languages including Arabic a plus.)
- Ensure that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized.
- Review and analyze open source datasets to find actionable and contextual threat information.
- Gather and record key indicators and information about threat infrastructure and campaigns.
- Collect intelligence based on established requirements and fully analyze based on operational procedures.
- Analytical and technological skills to extract intelligence (information) from available data, and the ability to find the necessary information and how to extract it.
- Investigate, analyze and prepare analytical data and deliver intelligence value in different terms (short, medium and long) in an automated way on various topics related to our field: functional, geographical, sectoral, etc.
Qualifications:
- BA/BS/BE degree in IT, Computer Science, Intelligence or equivalent and nine (9) years or more cybersecurity experience; Master's and seven (7) years or more cybersecurity experience; PhD and four (8) years or more cybersecurity experience. This experience along with Cyber Threat Intelligence domain coverage can include one or more of the following cyber-security functions: Threat Hunting, System Administration, Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management. A minimum of 3 years of experience in operational or tactical cyber threat analysis in aggregate is a good differentiator.
- Subject matter expertise (SME) in the analysis of sophisticated threat actors, their TTPs and associated malware.
- Certifications such as CISSP, SANS 578 (GCTI), CREST Certified Practitioner/Registered Threat Intelligence Analyst, or similar.
- Familiarity with reverse engineering tools such as IDA Pro, Ghidra, WinDbg or OllyDbg.
- Understanding of industry standard threat frameworks (Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK).
- A background in intelligence analysis is a must, with knowledge of IR best practices at an enterprise level.
- Experience working in, or related to, Operational Technology (OT), Industrial Control Systems (ICS) and/or IoT industries.
- Understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, NIST CSF, CIS, etc.).
- Skill in handling cybersecurity big data.
- Experience working in, or related to, risk management platforms.
- Experience within a managed security services (MSSP) environment working with big or medium size customers in their threat intelligence transformation journey.
- Experience working with SOAR tools and threat intelligence playbook development & integration.
- Experience working with various Cloud platforms, such as AWS, GCP or Azure.
What we look for
If you are a performance-driven, inquisitive mind with the agility to adapt to ambiguity, you will fit right in. You should be eager to explore opportunities to build meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. Bias for action and a passion to conquer new frontiers in the AI space is at the heart of the Core42 community.
What working at Core42 offers
Culture:
An open, diverse and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking, industry-first innovations.
Career:
Outstanding learning, development & growth opportunities via structured training programs and innovative, high-tech projects.
Work-Life:
A hybrid work policy to strike the perfect balance between office and home.
Rewards:
A competitive remuneration package with a host of perks including healthcare, education support, leave benefits and more.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.