Threat Intelligence Analyst
at Anomali in Belfast
Anomali delivers earlier detection and identification of adversaries in your organization’s network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before any material damage to your organization has occurred.
Threat Intelligence Analysts work as part of our Professional Services team that partners with Anomali customers. Responsibilities range from analyst support to account onboarding and product training to delivering product solutions to acting as the “voice of the customer” for our product management and development teams.
Anomali already supports information security teams at some of the most ambitious organizations on the planet. Your days will be spent working closely with those customers to ensure they are effectively using our intelligence services to secure and positively impact business operations.
You will be a problem-solving expert discussing new security technology with top companies and serving as the liaison between Anomali and our customers. You must be passionate about technology and a great customer experience as well as building a world-class security business.
- Manage the technical aspect of accounts from the moment they become customers. You will be the customer’s champion and guide to using Anomali for threat intelligence.
- Provide analyst support for quick hit product requests as well as formal research reports and customer briefings on threat topics.
- Understand each customer’s unique threat intelligence goals and field technical product questions supporting analyst teams.
- Develop and deliver product configurations that fulfil intelligence requirements according to customer workflows.
- Manage activities across multiple clients including account reviews, onsite product configuration/training, and analyst support to ensure customer success.
- Drive user adoption of Anomali solutions as well as communicate customer requirements and product successes/failures across the organization.
- Acquire complete command of Anomali products (ThreatStream 6.0, Anomali Enterprise, Anomali Link, etc)
- Occassionally support large and strategic customer pre-sales activities
- Serve as a coach and trusted advisor to large and strategic Anomali customers
- Derive and disseminate threat intelligence best practices to help drive customer adoption of Anomali products and services
- Provide feedback to product management based on field experiences
- Work closely with our exceptional security engineers and data scientists in Anomali Labs to drive technical requirements for new prototype and tool development.
- Enhance security tradecraft to identify threats before the adversaries have a strong foothold in organizations.
- BA/BS or equivalent combination of education and experience
- 2+ years of experience as an Intelligence or Information Security Analyst.
- Experience working and communicating directly with clients
- Strong troubleshooting, presentation, and consultative skills
- Comfortable speaking technically with analysts and strategically with senior executives
- Strong project management skills
- Strong verbal and written communication skills
- Strong technical background and ability to speak to engineers, developers and end users
- Knowledge of enterprise level businesses and inner IT workings
- Understanding of terminology and tactics employed by threat actors
- Experience scripting in Python or other scripting language to enable threat research, malware analysis, or other security-related tasks
- Knowledge of how malware is developed, functions, and is employed
- Ability to extract technical indicators from malware and/or pcap via tools
- Has presented at a security or hacking conference.
- Has an active threat intelligence related blog
- Has contributed to or released a security tool as open source software
- Enjoys collaborating and sharing information with the broader security community
- Experience writing YARA/Snort signatures
- Prior experience working in startups
- Experience with ArcSight, Splunk, IBM QRadar, McAfee Nitro, and/or Hadoop
Predominately EMEA. Travel may include but not limited to: customer locations, local user groups, user conferences events, and corporate events.
Base plus corporate compensation package