Senior Intelligence Analyst, Google Threat Intelligence

About the Senior Intelligence Analyst Role at Google Threat Intelligence

As a Senior Intelligence Analyst, you will leverage Google's cutting-edge cyber threat intelligence to empower network defenders and customer cyber threat intelligence (CTI) teams. Your primary mission will be to help customers actively defend against the threats they face. This role involves being embedded onsite with a customer for several days per week, providing direct support and drawing upon the vast resources and expertise of Google Threat Intelligence. You'll contribute to Google's extensive technical skills and CTI knowledge base, utilizing industry-leading tools and data to address customer priority intelligence requirements. Your focus will be on strengthening the customer's CTI defensive mission, assisting their SOC, threat hunters, detection engineers, and CTI analysts in countering threats and ensuring the secure operation of their networks.

Mandiant, a part of Google Cloud, is a recognized leader in dynamic cyber defense, threat intelligence, and incident response. Its cybersecurity expertise is trusted globally, built on unique frontline experience responding to complex breaches, nation-state grade threat intelligence, machine intelligence, and top-tier security validation. Mandiant's unparalleled insight into advanced threats will be a key resource in this role.

Minimum Qualifications

• Bachelor's degree or equivalent practical experience.
• 5 years of experience in a customer-facing role within cyber Intelligence and cyber operations.
• Experience working with security operations functions such as SOC tier 1/2, Hunt teams, executive managers, CISO.
• Experience analyzing indicators of compromise (IOCs), including sandbox output.
• Experience working in a government or military environment, developing cyber threat intelligence for network, host and log analysis, to enable the detection and response to cyber threats.

Preferred Qualifications

• Experience in leveraging cyber threat intelligence to describe, track and develop new intelligence on advanced persistent threats.
• Experience of conducting or supporting incident response and investigations within enterprise environments.
• Experience in SOC operations, threat hunting, detection engineering and SOC workflow optimization.
• Experience of network IDS monitoring, EDR solutions, SIEM and SOAR integration, and managing and contributing CTI into a threat intelligence platform.
• Understanding of core cyber security concepts, common enterprise IT infrastructure components, operating system internals and networking.
• Eligible to obtain security clearance in Israel as this can be a client requirement.

Responsibilities

• Build understanding of the customers' cyber threat intelligence (CTI) requirements. Identify their needs and opportunities for deployment of CTI within their operations to have the greatest defensive impact.
• Track, research and contribute CTI analysis within Google Threat Intelligence, of customer's priority threat concerns.
• Enable customer SOC analysts and Hunt teams to deploy and leverage Google's CTI.
• Generate CTI, and performing analysis of customer data, taking their bespoke sources to identify threat activity, or to build and automate investigative workflows.
• Support the integration of CTI into customer's security processes and technologies, including SIEM and threat intelligence platform (TIP) systems.
• Write intelligence reporting against customer requirements, appropriate for their intelligence analysts or executive readers.

Key Skills/Competency

• Cyber Threat Intelligence (CTI)
• Security Operations Center (SOC)
• Incident Response & Investigation
• Threat Hunting & Detection Engineering
• Network & Host Analysis
• SIEM, EDR, SOAR Integration
• Advanced Persistent Threat (APT) Tracking
• Customer Engagement & Communication
• Intelligence Reporting
• Data Analysis & Automation