Threat Intelligence Analyst (630240)

Threat Intelligence Analyst (630240)

Arbetsbeskrivning

About this opportunity
We are looking for a Threat Intelligence Analyst to join the Ericsson Cyber Defense Center (CDC)! The global responsibility to defend Ericsson from advanced cyber-threats lies with us. To achieve our goals, we consist of four closely knit together teams: Threat Intelligence, Red Team, Cyber Operations (SOC/IR), and Process & Governance.

The TI team
The moderately sized TI team is well-established in the Ericsson organization and has a broad responsibility ranging from strategic/geopolitical threats, via strategic cyber threats all the way to tactical/operational cyber threat intelligence analysis.

In the geo-political end; we provide Ericsson decision-makers with strategic geopolitical threat scenario analyses, tailor-made studies on varying strategic topics, tactical updates during ongoing conflicts that affect the company. We also maintain a conflict catalog where we do continual monitoring of events, by combining quantitative and qualitative data and analysis.

In the cyber end of things; we do strategic reporting around the development of the threat landscape, we identify and track our prioritized threat actors, how they develop their TTPs and what vulnerabilities are currently being exploited. We analyze our own internal threat events to identify campaigns, do threat attribution, pivoting of indicators and feed information back to SOC, hunt and red teams for actioning.

Where you come from
We believe you either come from the geo-political side or have a background from the cyber defense side, but the combined experience of the two are of course most desired!

If you’re from the "strategic geopol" side, we seek one who:
Might have a bachelor’s degree in Political Science, War Studies, and/or International Relations and 1-3 years’ relevant work experience or a Master's degree in the same fields but perhaps less work experience.

You are proficient in the global geopolitical landscape and current ongoing interstate conflicts and might have a special interest/deep knowledge in a particular region of the world (Ericsson is active in around 180 countries).

You observe public statements, read reports, and analyze current events using open and closed sources, understand how they fit together and how to interpret them to determine whether a conflict might be escalating/de-escalating and/or how certain events may impact the company to keep management informed and on-top.

If you’re from the "cyber side", you probably have:
A bachelor’s degree in Computer Sciences, Software Engineering or similar and 2-4 years of work experience. A background as a CTI analyst, threat hunter, incident responder, red teamer, or similar.

Experience in working with forensic evidence produced by an IR team, EDR/NDR/Phishing alerts and know how to classify events using Mitre ATT&CK, Diamond Model and cyber kill-chain.
Knowledge how to pivot on atomic indicators using common tools like VT and OSINT and how to operationalize malware reverse-engineering reports.
Ability to use the collected information to find overlaps between seemingly disparate events, tying it together in a TIP to accurately attribute TA activity and identify long-running campaigns and use this knowledge to inform the other teams within a cyber defense organization.

You will bring
A highly analytical mentality, and knowledge in the basic tradecraft of making sound analyses using tools such as Analyses of Competing Hypotheses (ACH), a stringent mental rigor, and methods to ensure reports and conclusions are fair and without analytical bias
A passion for communication, both through eye-pleasing visual presentations as well as the written word in form of reports and flash updates
A keen eye for detail and a preference to work with a small team, since most assignments are produced together with others and need to be of high detail and quality
Perfect English (both oral and written level). In Ericsson, we have a lot of interactions with English-speaking individuals.
A comfortable approach in presenting your work in meetings or workshops to larger audiences


Why join Ericsson?
At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build never seen before solutions to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.

What happens once you apply?
Come join our #TeamEricsson. Feel free to apply and include a resume in English, outlining how you meet the specific requirements of the position.
The selection and interview process are ongoing. Therefore, send in your application in English as soon as possible. We encourage you to apply!

If you have any further questions, you are welcome to contact us:

Hiring Manager: Head of Threat Intelligence

Recruiter: Justyna Gnatowska (Justyna.gnatowska@ericsson.com)
Location: Sweden/EMEA - The team is in the European time zones, why we prefer you also are since it's important we can meet daily without issues with inconvenient meeting schedules.
Kindly note that we do not accept applications sent via e-mail

Sammanfattning

  • Arbetsplats: Ericsson AB Stockholm
  • 1 plats
  • Tills vidare
  • Heltid
  • Fast månads- vecko- eller timlön
  • Publicerat: 18 maj 2022
  • Ansök senast: 28 maj 2022

Besöksadress

Kistagången 6
Kista

Postadress

KI/EAB/DKG/DA
Stockholm, 17281

Liknande jobb


.Net developer

.Net developer

15 november 2024

Automation Engineer

Automation Engineer

18 november 2024

Developer

Developer

18 november 2024