Senior Cyber Analyst – Threat Intelligence Maidenhead, England
Maersk
Full Time
Maidenhead, England
40082 - 72889 GBP ANNUAL Today
Job description
Pick a point on a globe, and Maersk won’t be far away. With 90% of global trade carried by sea, there is a fairly high chance that the shoes on your feet or the phone in your pocket travelled to you on a Maersk vessel. Would you like to impact the daily lives of people in every corner of the world? Then keep reading.
As a Senior Cyber Threat Intelligence Analyst in the Global Cyber Defence Centre (GCDC), your primary role will be to operate (end-to-end) the process for collecting, analysing and disseminating threat intelligence to the relevant stakeholders within Maersk.
You will report to the Cyber Manager (CTI), working alongside other CTI team members, as a Subject Matter Expert (SME) to deliver threat intelligence whilst working closely with other Cyber Security teams (Security Operations Centre, Threat Hunting, Red Team, Enterprise Cyber Issues Management, Product Owners, etc.). You will be responsible for the identification and reporting of cyber threats targeting Maersk entities.
Key Responsibilities:
- Produce and update threat actor profiles, detailing their motivations, capabilities, and infrastructure to enhance understanding of potential adversaries.
- Conduct intrusion analysis to support incident response and to develop in-depth understanding of threats targeting the organisation.
- Accountable for the effective collection, analysis, and dissemination of intelligence reports.
- Determine, prioritise and monitor a set of internal and external sources for threat data.
- Prioritise, validate and correlate threat data to obtain actionable information on existing and emerging threats to Maersk.
- Responsible for the configuration and use of the chosen threat intelligence platforms (TIPs).
- Produce and disseminate strategic, operational, and tactical threat intelligence reports periodically and urgently to relevant stakeholders in the enterprise.
- Conduct tactical investigations into key indicators and TTPs sourced from TIPs and Incident Response activities.
- Regularly review and update Priority Intelligence Requirements (PIRs) according to changes in the business and/or threat landscape.
- Provide finished intelligence products to key stakeholders.
- Lead collaboration activities with teams across the Cyber organisation to provide threat intelligence that furthers organisational understanding of potential adversaries and attack vectors, providing a foundation for building logging and monitoring strategies with CTI at the core.
- Define and enhance threat intelligence capabilities by developing processes where automation has the potential to improve efficiency.
- Supporting security incident management and delivering briefings to senior management.
- Ensure threat intelligence is actively used to drive improvements and remediation plans by participating in operational and change projects.
- Scope and respond to Requests for Information (RFIs) from Maersk stakeholders.
Technical skills & knowledge:
- High proficiency in using threat intelligence platforms (e.g. MISP), security tools, and SIEM solutions.
- Extensive and demonstratable experience in collection, analysis, production, and dissemination of intelligence.
- Strong technical understanding of networking, internet protocols and information security.
- Experience using the Cyber Kill Chain, Mitre ATT&CK Framework and Diamond Model.
- Advanced knowledge of the cyber threat landscape and conversant in the tactics, techniques and procedures used by cyber adversaries.
- Experienced in supporting security breaches, security incident management and delivering briefings to senior management.
- Knowledge of standard methods / systems for analysis and prioritisation of vulnerabilities e.g. CVE, CVSS.
- Knowledge and understanding of key political, operational and security risk issues in the maritime, transport and logistics sector is preferable.
- Advanced expertise in analysing the intersection of political and geopolitical developments with cyber security threat vectors and policymaking.
- Knowledge of threats to Cloud-based systems, and incident response in a Cloud environment.
- Ability to copy-edit and peer review intelligence products is essential.
Experience:
- At least four years previous experience operating in a cyber threat intelligence function or similar.
- Experience in other cyber security fields such as DFIR, threat hunting, or security engineering is highly desirable but not essential.
- Experience conducting intrusion analysis and contextualising key indicators using a combination of open-source and proprietary tools.
- Familiarity with one or more Threat Intelligence Platforms.
Having substantial operations in over 130 countries, we work across continents, across cultures and with individuals from all walks of life. This drives our ambition, to create equitable and inclusive workplaces where every individual can have a sense of belonging. As an equal opportunity employer, we do not discriminate on the basis of age, ancestry, national or ethnic origin, race, sex, gender identity or expression, sexual orientation, marital status, parental or caring status, religion or belief, physical or mental disability, long term health condition, pregnancy or parental leave, protected veteran status, or any other classification protected by applicable law. We actively work to address systemic bias and support representation. We therefore encourage all to apply and let us know if you require any reasonable adjustments to be made for your recruitment process. Learn more at: https://www.maersk.com/careers/diversity-equity-and-inclusion
Maersk
https://www.maersk.com/careers
Copenhagen, Denmark
Vincent Clerc
$10+ billion (USD)
10000+ Employees
Subsidiary or Business Segment
Marine Transportation
1928
