Lead Analyst - Cyber Threat Operational Intelligence
About the Role
As a member of our Cyber Fusion Center, you will be joining a dynamic, around-the-clock team that spans the globe with footholds in the USA, the UK, Poland, India, and Singapore. Your primary objective will be to help implement our strategy, develop the capabilities, and oversee the provision of services. You will take charge of formulating, executing, and, where necessary, transitioning operations to our partners. Your role is pivotal in establishing governance to monitor the quality and efficacy of our partners' contributions, while also bolstering their efforts through incisive tactical analysis, thereby ensuring the fulfilment of the Cyber Fusion Center’s goals.
Furthermore, you will actively contribute to defence operations by delving into investigations against cyber adversaries. This involves joining forces with internal and external stakeholders to unearth and neutralize highly sophisticated cyber-attacks.
This position promises to be exhilarating as it offers unending opportunities for learning and growth. You will be at the forefront of the convergence of IT, OT, and IoT, utilizing cutting-edge technology platforms. Equally, it is a demanding role that requires acute discernment to detect early signals and warnings of cyber threats. Our Global Cyber Security program is grounded in intelligence-led cyber security, and you will be a linchpin in ensuring its efficacy, thereby having a profound impact on the business.
As defenders of Dyson’s network, you are more than just protectors – you are custodians of our most prized assets and secrets. Your role is that of a sentinel, standing vigilant and unyielding in safeguarding the integrity of our cyber landscape.
Experience and Accountabilities
Our Cyber Threat Intelligence team is tasked with supporting and enhancing Dyson's security posture by providing situational awareness through an understanding of our cyber threat landscape. This is achieved through the delivery of timely and actionable threat intelligence that is relevant to Dyson. By combining technical expertise with a thorough understanding of the cyber threat landscape, and playing a supporting role in Threat Hunting, the team ensures depth and breadth of coverage of cyber threats and events and contextualizes them to drive planning for the leadership teams in Global Cyber Security.
To be a Cyber Threat Intelligence Lead Analyst (Operational Intel) at Dyson, we would like candidates to demonstrate experience in:
- Work with the senior manager to develop the roadmap, with a special focus on automating traditional intelligence processes, keeping an eye on breakthrough AI/ML technology in the market, on-boarding the next phase of intelligence capabilities, and uplifting them over the next 2-3 years, to align with the ever-changing threat landscape and ensure Dyson assets are protected from advanced threats.
- Provide oversight and governance to ensure our partners deliver quality, and develop, maintain and periodically validate the cyber threat intelligence services.
- Collect and analyze information to develop intelligence that continuously matures the “indication and warning” capability.
- Perform in-depth analysis of cyber threats to understand their nature, capabilities, and potential impact, going beyond the immediate incident to understand the broader context and implications. Enrich with contextual information and produce finished intelligence.
- Analyze malware samples to understand their behavior, capabilities, and potential impact on systems.
- Dissect and reverse-engineer malware to extract indicators and patterns that can help detect and prevent future infections.
- Actively participate in incident response efforts.
- Produce intelligence reports and deliver insights to stakeholders.
- Create concise and actionable reports that outline the nature of threats, potential impact, recommended countermeasures, and proactive measures to enhance the organization's security posture.
- Help in identifying the extent of the compromise, analyzing the attack vectors, and providing technical support to contain and mitigate the incident.
- Generate detailed reports documenting the findings of investigations, including incident timelines, impact assessments, and recommended remediation steps.
- Be a key member of the Threat Hunting sprint team.
- Collaborate with various teams within the organization, such as incident response teams, security operations centers (SOCs), threat hunting teams, and other stakeholders.
- Share information, contribute to cross-functional investigations, and provide subject matter expertise to support the overall security efforts.
Skills
We are looking for team members with an exceptional track record of delivering security to a range of business types and sizes. You’ll bring the following:
- Minimum 3+ years of experience within an operational cyber threat intelligence function.
- Working together with the manager, be willing to coach and/or mentor analysts joining the team.
- Excellent writing and presentation skills to communicate findings and recommendations to various stakeholders and senior leaders.
- Experience conducting intelligence investigations and familiarity with investigative tools.
- Experience in establishing and maintaining the intelligence lifecycle.
- Proven track record with MITRE ATT&CK, the Cyber Kill Chain and the Diamond Model, and the ability to develop threat models based on these frameworks.
- Experience in the use of cyber security products such as threat intelligence platforms, cloud security, endpoint security, and open source products such as Shodan, VirusTotal, etc.
Dyson is an equal opportunity employer. We know that great minds don’t think alike, and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or any other dimension of diversity.